5 matches found
CVE-2021-47951
WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Edit Content URL field in the Access Control settings. Attackers can enter JavaScript payloads in the plugin options that are stored in...
CVE-2021-47951 WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL
WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Edit Content URL field in the Access Control settings. Attackers can enter JavaScript payloads in the plugin options that are stored in...
CVE-2021-47951
CVE-2021-47951 concerns WordPress Picture Gallery 1.4.2, which has a stored cross-site scripting (XSS) flaw. The vulnerability allows authenticated attackers to inject JavaScript through the Edit Content URL field in the Access Control settings; payloads stored in the database can execute when th...
CVE-2021-47951 WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL
WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Edit Content URL field in the Access Control settings. Attackers can enter JavaScript payloads in the plugin options that are stored in...
WordPress plugin Picture Gallery 'Edit Content URL' cross-site scripting vulnerability
WordPress is a blogging platform based on the PHP language that can be used to host websites on servers that support PHP and MySQL databases, and can also be used as a content management system CMS. WordPress plugin Picture Gallery 'Edit Content URL' has a cross-site scripting vulnerability that...