3 matches found
CVE-2025-27291 WordPress Photo Gallery – Image Gallery Plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uxgallery WordPress Photo Gallery – Image Gallery photo-image-gallery allows Reflected XSS.This issue affects WordPress Photo Gallery – Image Gallery: from n/a through = 2.0.4...
CVE-2025-27291 WordPress Photo Gallery – Image Gallery Plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uxgallery WordPress Photo Gallery – Image Gallery photo-image-gallery allows Reflected XSS.This issue affects WordPress Photo Gallery – Image Gallery: from n/a through = 2.0.4...
CVE-2025-27291
CVE-2025-27291 is a reflected XSS in the WordPress plugin WordPress Photo Gallery – Image Gallery (uxgallery) up to version 2.0.4. The root cause is improper input neutralization during web page generation, allowing reflected script execution. Public records indicate CVSS v3.1 base score 7.1 (HIG...