Lucene search
K

61 matches found

NVD
NVD
added 2024/03/31 7:15 p.m.27 views

CVE-2024-31120

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Stored XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...

6.5CVSS6.4AI score0.00382EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/03/29 12:44 p.m.7 views

WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Responsive Image Gallery, Gallery Album versions = 2.0.3...

6.5CVSS7.1AI score0.00382EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/01/05 2:2 a.m.48 views

CVE-2023-6493

The Depicter Slider WordPress plugin (Averta Depicter Slider) is vulnerable to Cross-Site Request Forgery in all versions up to 2.0.6 due to missing/incorrect nonce validation on the save function. Unauthenticated attackers can modify plugin settings by tricking an administrator into performing a...

4.3CVSS4.6AI score0.00198EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/18 8:8 p.m.22 views

CVE-2023-6077 Slider - Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access

The Slider WordPress plugin before 3.5.12 does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated users, such as subscriber to access the content arbitrary post such as private, draft and password protect...

6.7AI score0.00665EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/10/18 1:31 p.m.31 views

CVE-2023-45630 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Unauth. Stored Cross-Site Scripting XSS vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin = 2.0.3 versions...

6.5CVSS6.1AI score0.00313EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/16 8:31 a.m.31 views

CVE-2023-45629 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin = 2.0.3 versions...

5.4CVSS9AI score0.00184EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/10/11 12:0 a.m.11 views

WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Image Gallery, Gallery Album Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45630 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 67954aa41bb6...

7.1CVSS5.6AI score0.00313EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/11 12:0 a.m.8 views

WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Responsive Image Gallery, Gallery Album Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45629 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c264401c72ac Credi...

8.8CVSS6.6AI score0.00184EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/03 12:15 p.m.3 views

CVE-2023-39917

Cross-Site Request Forgery CSRF vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.2.6 versions...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2023/10/03 12:15 p.m.18 views

CVE-2023-39917

Cross-Site Request Forgery CSRF vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.2.6 versions...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References1
Prion
Prion
added 2023/10/03 12:15 p.m.18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.2.6 versions...

6.8CVSS8.8AI score0.00214EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/03 11:14 a.m.46 views

CVE-2023-39917

CVE-2023-39917 relates to the WordPress plugin Photo Gallery by Ays – Responsive Image Gallery, affected up to version 5.2.6. The vulnerability is a Cross-Site Request Forgery (CSRF) issue in the plugin, with unauthenticated access as the required privilege and a low-severity ranking in PatchStac...

8.8CVSS6.5AI score0.00214EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/08/18 2:15 p.m.21 views

CVE-2023-32107

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.1.3 versions...

7.1CVSS6.2AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2023/08/18 2:0 p.m.51 views

CVE-2023-32107

CVE-2023-32107 affects WordPress Photo Gallery by Ays – Responsive Image Gallery,

7.1CVSS6AI score0.00396EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/03/15 5:22 p.m.3 views

DRUPAL-CONTRIB-2023-010

The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image. This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to. This release was coordinated...

6.7AI score
Exploits0References1
Drupal
Drupal
added 2023/03/15 12:0 a.m.15 views

Media Responsive Thumbnail - Moderately critical - Information disclosure - SA-CONTRIB-2023-010

The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image. This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to. This release was coordinated...

6.6AI score
Exploits0References10
Patchstack
Patchstack
added 2023/02/03 12:0 a.m.11 views

WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Image Gallery, Gallery Album Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47603 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 679ee9055f30...

7.1CVSS5.6AI score0.00422EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/02 10:32 a.m.48 views

CVE-2021-24462

The CVE-2021-24462 issue affects the WordPress plugin Photo Gallery by Ays – Responsive Image Gallery (versions before 4.4.4). The root cause is that get_gallery_categories() and get_galleries() do not whitelist or validate the orderby parameter before incorporating it into SQL in get_results(), ...

8.8CVSS9.1AI score0.01362EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2017/09/25 5:29 p.m.4 views

CVE-2017-14125

SQL injection vulnerability in the Responsive Image Gallery plugin before 1.2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "id" parameter in an addedittheme task in the wpdevartgallerythemes page to wp-admin/admin.php...

9.8CVSS6.1AI score0.03189EPSS
Exploits3References2
CNVD
CNVD
added 2017/09/25 12:0 a.m.7 views

WordPress Responsive Image Gallery Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.Responsive Image Gallery plugin is one of the image management plugin. A SQL injection vulnerability exists in WordPre...

9.8CVSS9.6AI score0.03189EPSS
Exploits3References1
Rows per page
Query Builder