CVE-2024-37416 WordPress WP Photo Album Plus plugin <= 8.8.00.002 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Reflected XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.00.002...

CVE-2024-38713

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002...

CVE-2024-38713 WordPress WP Photo Album Plus plugin <= 8.8.02.002 - Authenticated Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002...

CVE-2023-49774

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005...

CVE-2024-31377

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.7.01.001...

CVE-2024-31377 WordPress WP Photo Album Plus plugin <= 8.7.01.001 - Unauth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.7.01.001...

CVE-2024-31377

CVE-2024-31377 concerns the WP Photo Album Plus plugin for WordPress, affecting WP Photo Album Plus versions from an unspecified inception up to 8.7.01.001. The description from the sources identifies an Unauthenticated Unrestricted Upload of File with Dangerous Type vulnerability, enabling arbit...

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005...

CVE-2023-49812 WordPress WP Photo Album Plus Plugin <= 8.5.02.005 is vulnerable to Insecure Direct Object References (IDOR)

Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005...

CVE-2023-49812

CVE-2023-49812 affects WP Photo Album Plus plugins (WordPress) up to version 8.5.02.005 and is an Insecure Direct Object Reference (IDOR) vulnerability caused by missing validation on a user-controlled key. It allows unauthenticated access to unauthorized actions, as detailed by Patchstack/NVD/NV...

CVE-2023-49813

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005...

CVE-2023-49813

CVE-2023-49813 affects WP Photo Album Plus (WordPress) with Stored XSS due to improper input handling. Vulnerable versions: through 8.5.02.005; fix available in 8.6.01.005. Remediation: update to 8.6.01.005 or apply vendor patch.