2 matches found
CVE-2023-2708
CVE-2023-2708 affects the Video Gallery plugin for WordPress (≤ 1.0.10). Root cause: insufficient input sanitization and output escaping of the search_term parameter, enabling reflected XSS. Impact: potentially exploited by unauthenticated attackers who lure victims to perform actions triggering ...
CVE-2023-32597
CVE-2023-32597 concerns the I Thirteen Web Solution Video Gallery WordPress plugin (versions up to and including 1.0.10). The vulnerability is an unauthenticated, reflected Cross-Site Scripting (XSS) flaw in the plugin, where attacker-supplied input can be reflected in pages. Patchstack and relat...