The plugin does not properly sanitise image metadata (namely the title) before outputting it in the generated gallery. This allows privileged accounts such as editor+ to perform XSS attacks (even without the unfiltered_html capability) against users visiting the gallery in the frontend.
As an editor+, add an image to a gallery and set its title (via the metadata) to . Then view a page where the gallery is embedded. https://drive.google.com/open?id=1G15mMK4mLFV5VUL_vWxpbbBDworjciiM
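The defence against this class of bug is to escape the stored title at output time, for the HTML context it lands in. The following is an added example, not the plugin's code: the function names and markup are hypothetical, the sample titles are constructed, and the short `esc_attr()`/`esc_html()` definitions are stand-ins for the WordPress core functions so the file also runs outside WordPress.

```php
<?php
// Stand-ins for running outside WordPress; inside WordPress the core
// esc_attr() and esc_html() functions are already defined and are used instead.
if (!function_exists('esc_attr')) {
    function esc_attr($s) { return htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8'); }
}
if (!function_exists('esc_html')) {
    function esc_html($s) { return htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8'); }
}

// Vulnerable pattern (hypothetical renderer): the stored title is
// concatenated into the gallery markup without any escaping.
function render_item_unsafe(array $item): string {
    return '<figure><img data-id="' . (int) $item['id'] . '" title="' . $item['title'] . '">'
         . '<figcaption>' . $item['title'] . '</figcaption></figure>';
}

// Hardened pattern: escape on output, once per context
// (attribute value vs. element content).
function render_item_safe(array $item): string {
    return '<figure><img data-id="' . (int) $item['id'] . '" title="' . esc_attr($item['title']) . '">'
         . '<figcaption>' . esc_html($item['title']) . '</figcaption></figure>';
}

// Audit helper: return stored items whose title contains characters that
// are significant in HTML, so they can be reviewed after upgrading.
function titles_needing_review(array $items): array {
    return array_values(array_filter(
        $items,
        fn($i) => preg_match('/[<>"\']/', $i['title']) === 1
    ));
}

// Constructed sample data: one ordinary title, one containing inert markup.
$items = [
    ['id' => 1, 'title' => 'Sunset over the bay'],
    ['id' => 2, 'title' => '"><b data-test="constructed">markup</b>'],
];

foreach ($items as $item) {
    echo "unsafe: ", render_item_unsafe($item), "\n";
    echo "safe:   ", render_item_safe($item), "\n";
}
foreach (titles_needing_review($items) as $flagged) {
    echo "review item ", $flagged['id'], "\n";
}
```

In the unsafe output the second title closes the `title` attribute and becomes live markup; in the safe output the same characters appear as entities and stay inside the attribute and caption text.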
CPE

Name | Operator | Version |
---|---|---|
envira-gallery-lite | lt | 1.8.3.3 |