Envira Gallery Lite 1.8.3.2 Cross Site Scripting

==== Tempest Security Intelligence - ADV-12/2020 ============================= Envira Gallery - Lite Edition - Version 1.8.3.2 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents ================================================ • Overview •...

Envira Gallery Lite Cross-Site Scripting Vulnerability

Envira Gallery Lite is a plugin from China-based Envira Gallery that provides responsive gallery functionality for Wordpress. A cross-site scripting vulnerability exists in Envira Gallery Lite 1.8.3.2, which originates when the program accepts malicious client-side scripts without proper detectio...