Lucene search
WpvulndbWPVDB-ID:521987B6-F0DC-4510-8AD0-F9AF338069BDHistoryJan 24, 2024 - 12:00 a.m.
Robo Gallery < 3.2.18 - Author+ Stored XSS
2024-01-2400:00:00
wpscan.com
3
plugin
vulnerability
stored xss
input sanitization
output escaping
authenticated attackers
author-level access
web scripts
pages
Description The plugin is vulnerable to Stored Cross-Site Scripting idue to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 3.2.18 |
Related
cve
cve
CVE-2024-22295
2024-01-31 18:15:49
nvd
nvd
CVE-2024-22295
2024-01-31 18:15:49
prion
prion
Cross site scripting
2024-01-31 18:15:00
cvelist
cvelist
wordfence
wordfence
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.2%
Related for WPVDB-ID:521987B6-F0DC-4510-8AD0-F9AF338069BD