Wp Photo Album Plus Security Vulnerabilities and Issues — Wp Photo Album Plus CVE List

Lucene search

WppaWp Photo Album Plus

5 matches found

CVE•added 2023/12/19 9:15 p.m.•66 views

CVE-2023-49812

Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.

7.5CVSS6.3AI score0.00109EPSS

CVE•added 2024/11/10 1:15 p.m.•45 views

CVE-2024-10958

The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an action that does not properly validate a value b...

7.3CVSS7.3AI score0.40724EPSS

CVE•added 2024/07/22 9:15 a.m.•43 views

CVE-2024-37416

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Reflected XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.00.002.

7.1CVSS7AI score0.00173EPSS

CVE•added 2024/05/24 9:15 a.m.•43 views

CVE-2024-4037

The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.7.02.003. This is due to the plugin allowing unauthenticated users to execute an action that does not properly validate a value before running do_shortcode. This makes...

7.3CVSS7AI score0.0072EPSS

CVE•added 2024/06/04 12:15 p.m.•27 views

CVE-2023-49774

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.

5.3CVSS5.2AI score0.00327EPSS