Lucene search
+L

90 matches found

Patchstack
Patchstack
added 2023/03/30 12:0 a.m.14 views

WordPress Gallery Plugin < 4.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Gallery Type Plugin Vulnerable versions 4.7.0 Fixed in 4.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0764 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID e9bded84374e Credits dc11 Required privilege Auth...

5.4CVSS5.6AI score0.00444EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/29 6:57 p.m.13 views

CVE-2022-47603 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin = 2.0.1 versions...

7.1CVSS6.2AI score0.00422EPSS
Exploits0References1
Prion
Prion
added 2023/03/01 2:15 p.m.20 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin = 3.28 leading to thumbnail alteration...

4.3CVSS4.7AI score0.00229EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/01/11 12:0 a.m.13 views

WordPress Gallery Factory Lite Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Gallery Factory Lite Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0148 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 88f855435d38 Credits István Márton...

5.4CVSS5.6AI score0.00695EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2022/08/10 12:0 a.m.47 views

WordPress Gallery PhotoBlocks plugin <= 1.2.7 - Cross-Site Request Forgery (CSRF) vulnerabilities

Cross-Site Request Forgery CSRF vulnerabilities leading to Gallery Delete / Copy discovered by Ngo Van Thien Patchstack Alliance in WordPress Gallery PhotoBlocks plugin versions = 1.2.7. Solution Deactivate and delete. This plugin has been closed as of August 10, 2022 and is not available for...

8.8CVSS3.3AI score0.00306EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/06/09 12:0 a.m.12 views

WordPress Gallery Bank plugin <= 4.0.50 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Gallery Description

Authenticated Stored Cross-Site Scripting XSS vulnerability via Gallery Description discovered by Vishnupriya Ilango Fortinet's FortiGuard Labs in WordPress Gallery Bank plugin versions = 4.0.50. Solution Deactivate and delete. This plugin has been closed as of December 9, 2021 and is not availab...

1.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.12 views

WordPress Gallery Plugin – Limb Image Gallery plugin <= 1.5.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Gallery Plugin – Limb Image Gallery plugin versions = 1.5.1. Solution Update the WordPress Gallery Plugin – Limb Image Gallery plugin to the latest available version at least 1.5.2...

3.7AI score
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/21 11:15 a.m.5 views

CVE-2022-0186

The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard...

5.4CVSS6.1AI score0.00604EPSS
Exploits2References1
0day.today
0day.today
added 2014/08/15 12:0 a.m.21 views

Wordpress Gallery Objects 0.4 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : Wordpress Gallery Objects 0.4 SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://galleryobjects.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-objects.0.4.zip Dork Google:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/06/24 12:0 a.m.211 views

Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - &#039;WebShot&#039; Remote Code Execution

| | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress Themes, Plugins, 3rd party components Exploit Author : @u0x Pichaya Morimoto Release dates :...

7AI score
Exploits0
Rows per page
Query Builder