90 matches found
WordPress Gallery Plugin < 4.7.0 is vulnerable to Cross Site Scripting (XSS)
Software Gallery Type Plugin Vulnerable versions 4.7.0 Fixed in 4.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0764 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID e9bded84374e Credits dc11 Required privilege Auth...
CVE-2022-47603 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin = 2.0.1 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin = 3.28 leading to thumbnail alteration...
WordPress Gallery Factory Lite Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Gallery Factory Lite Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0148 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 88f855435d38 Credits István Márton...
WordPress Gallery PhotoBlocks plugin <= 1.2.7 - Cross-Site Request Forgery (CSRF) vulnerabilities
Cross-Site Request Forgery CSRF vulnerabilities leading to Gallery Delete / Copy discovered by Ngo Van Thien Patchstack Alliance in WordPress Gallery PhotoBlocks plugin versions = 1.2.7. Solution Deactivate and delete. This plugin has been closed as of August 10, 2022 and is not available for...
WordPress Gallery Bank plugin <= 4.0.50 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Gallery Description
Authenticated Stored Cross-Site Scripting XSS vulnerability via Gallery Description discovered by Vishnupriya Ilango Fortinet's FortiGuard Labs in WordPress Gallery Bank plugin versions = 4.0.50. Solution Deactivate and delete. This plugin has been closed as of December 9, 2021 and is not availab...
WordPress Gallery Plugin – Limb Image Gallery plugin <= 1.5.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Gallery Plugin – Limb Image Gallery plugin versions = 1.5.1. Solution Update the WordPress Gallery Plugin – Limb Image Gallery plugin to the latest available version at least 1.5.2...
CVE-2022-0186
The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard...
Wordpress Gallery Objects 0.4 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress Gallery Objects 0.4 SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://galleryobjects.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-objects.0.4.zip Dork Google:...
Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
| | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress Themes, Plugins, 3rd party components Exploit Author : @u0x Pichaya Morimoto Release dates :...