13 matches found
WordPress Gallery Bank Plugin <= 4.0.18 is vulnerable to Cross Site Scripting (XSS)
Software Gallery Bank Type Plugin Vulnerable versions = 4.0.18 Fixed in 4.0.19 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b7b7ba517a68 Credits Rafie Muhammad Patchstack Required...
WordPress Gallery Bank plugin <= 4.0.50 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Media Upload Module
Authenticated Stored Cross-Site Scripting XSS vulnerability via Media Upload Module discovered by Vishnupriya Ilango Fortinet FortiGuard Labs in WordPress Gallery Bank plugin versions = 4.0.50. Solution Deactivate and delete. This plugin has been closed as of December 9, 2021 and is not available...
WordPress Gallery Bank plugin <= 4.0.50 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Gallery Description
Authenticated Stored Cross-Site Scripting XSS vulnerability via Gallery Description discovered by Vishnupriya Ilango Fortinet's FortiGuard Labs in WordPress Gallery Bank plugin versions = 4.0.50. Solution Deactivate and delete. This plugin has been closed as of December 9, 2021 and is not availab...
Gallery Bank <= 4.0.50 - Author+ Stored XSS via Gallery Description
The plugin does not sanitise and escape the Gallery Description field, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks...
Gallery Bank <= 4.0.50 - Author+ Stored XSS via Media Upload Module
The plugin does not sanitise and escape the Image Title field via the Media Upload module, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks...
Gallery Bank Plugin for WordPress < 2.0.20 XSS
According to its self-reported version, the Gallery Bank Plugin for WordPress running on the remote web server is prior to 2.0.20. It is, therefore, affected by multiple reflected cross-site scripting vulnerabilities. A remote attacker can exploit these issues, via a specially crafted request, to...
WordPress Gallery Bank Plugin < 3.0.70 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112071";...
WordPress Gallery Bank Plugin <= 3.0.228 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...
Gallery Bank <= 3.0.101 - SQL Injection
The Gallery Bank – Responsive Photo Gallery plugin exposes a Short Code named ‘gallerybank’, in order to allow site publishers to insert galleries into pages / posts. This Short Code is vulnerable to a UNION based SQL Injection. This is possible by manipulating the field ‘showalbums’ when using...
Gallery Bank <= 3.0.60 - Shell Upload
The WordPress Photo Gallery Plugin by Gallery Bank WordPress plugin was affected by a Shell Upload security vulnerability...
Gallery Bank 2.0.19 - edit-album.php album_id Parameter Reflected XSS
The WordPress Photo Gallery Plugin by Gallery Bank WordPress plugin was affected by an edit-album.php albumid Parameter Reflected XSS security vulnerability...
[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting
SOJOBO-ADV-13-03 - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting I. Information ================== Name : Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting Software : Gallery Bank 2.0.19 and possibly below. Vendor Homepage : http://gallery-bank.com/...
WordPress Gallery Bank 2.0.19 Cross Site Scripting
SOJOBO-ADV-13-03 - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting I. Information ================== Name : Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting Software : Gallery Bank 2.0.19 and possibly below. Vendor Homepage : http://gallery-bank.com/...