Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/05/10 12:52 p.m.45 views

CVE-2021-47951 WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL

WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Edit Content URL field in the Access Control settings. Attackers can enter JavaScript payloads in the plugin options that are stored in...

6.4CVSS0.00187EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:35 a.m.5 views

CVE-2024-13584

The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperpictures' shortcode in all versions up to, and including, 1.5.19 due to insufficient input sanitization and output escaping on user supplie...

6.4CVSS5.8AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/26 2:24 p.m.16 views

CVE-2025-26581 WordPress Picture Gallery plugin <= 1.6.3 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in videowhisper Picture Gallery picture-gallery allows Reflected XSS.This issue affects Picture Gallery: from n/a through = 1.6.3...

7.1CVSS0.00352EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/12 11:10 a.m.5 views

WordPress Picture Gallery plugin <= 1.6.3 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Picture Gallery versions = 1.6.3...

7.1CVSS8.1AI score0.00352EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/21 8:52 p.m.3 views

WordPress Picture Gallery plugin <= 1.5.19 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Picture Gallery versions = 1.5.19...

6.4CVSS5.7AI score0.00295EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/14 12:0 a.m.11 views

WordPress Picture Gallery Plugin <= 1.5.11 is vulnerable to Cross Site Scripting (XSS)

Software Picture Gallery Type Plugin Vulnerable versions = 1.5.11 Fixed in 1.5.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34759 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7f72e4ecfdc5 Credits Rayhan Ramdhany Hanaputra Required...

6.5CVSS6.6AI score0.00254EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2021/08/06 12:0 a.m.7 views

WordPress Picture Gallery plugin <= 1.4.3 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Aryan Chehreghani in WordPress Picture Gallery plugin versions = 1.4.3. Solution Update the WordPress Picture Gallery plugin to the latest available version at least 1.4.4...

1.8AI score
Exploits0References2Affected Software1
Rows per page
Query Builder