9 matches found
EUVD-2024-47092
Malicious code in bioql PyPI...
EUVD-2024-32161
Malicious code in bioql PyPI...
EUVD-2022-30263
Malicious code in bioql PyPI...
CVE-2024-3581
The MaxGalleria plugin for WordPress is vulnerable to unauthorized image upload due to a missing capability check on the add_media_library_images_to_gallery function in all versions up to, and including, 6.4.2. This makes it possible for authenticated attackers, with subscriber access or above, to...
CVE-2024-5970
The MaxGalleria plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's maxgallery_thumb shortcode in all versions up to, and including, 6.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-5970 MaxGalleria <= 6.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via maxgallery_thumb Shortcode
The MaxGalleria plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's maxgallery_thumb shortcode in all versions up to, and including, 6.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2024-26749 · WordPress · Maxgalleria
Name of the Vulnerable Software and Affected Versions: MaxGalleria plugin for WordPress versions up to, and including, 6.4.2
Description: The issue is related to unauthorized image upload due to a missing capability check on the add media library images to gallery function. This allows...
CVE-2022-25603
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in MaxGalleria WordPress plugin versions 6.2.5...
CVE-2022-25603 WordPress MaxGalleria plugin <= 6.2.5 - Stored Cross-Site Scripting (XSS) vulnerability
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in MaxGalleria WordPress plugin versions 6.2.5...