12 matches found
EUVD-2014-2593
Malware in sbrugna...
EUVD-2023-27763
Malicious code in bioql PyPI...
CVE-2023-23676
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bruno "Aesqe" Babic File Gallery plugin = 1.8.5.3 versions...
CVE-2023-48771 WordPress File Gallery Plugin <= 1.8.5.4 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bruno "Aesqe" Babic File Gallery allows Reflected XSS.This issue affects File Gallery: from n/a through 1.8.5.4...
CVE-2023-23676
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bruno "Aesqe" Babic File Gallery plugin = 1.8.5.3 versions...
CVE-2023-23676
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bruno "Aesqe" Babic File Gallery plugin = 1.8.5.3 versions...
CVE-2023-23676 WordPress File Gallery Plugin <= 1.8.5.3 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bruno "Aesqe" Babic File Gallery plugin = 1.8.5.3 versions...
CVE-2023-23676
CVE-2023-23676 affects the WordPress plugin File Gallery (author Bruno 'Aesqe' Babic). Vulnerable until version ≤ 1.8.5.3 due to a Stored Cross-Site Scripting (XSS) flaw in the plugin’s file_gallery_shortcode, enabling malicious payloads to be stored and later executed in other users’ sessions. T...
CVE-2023-23676 WordPress File Gallery Plugin <= 1.8.5.3 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bruno "Aesqe" Babic File Gallery plugin = 1.8.5.3 versions...
PT-2023-19119 · WordPress · File Gallery
Name of the Vulnerable Software and Affected Versions: File Gallery plugin versions = 1.8.5.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects users with contributor or higher permissions. This allows for malicious scripts to be stored on the serve...
File Gallery < 1.8.5.4 - Contributor+ Stored XSS
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2014-2558
The CVE-2014-2558 entry concerns the WordPress File Gallery plugin (versions before 1.7.9.2). The vulnerability stems from improper escaping in the Settings Page that allows a remote attacker to trigger arbitrary PHP code execution via a backslash-quote in fields referencing /wp-admin/options-med...