RSS   Vulnerabilities for 'Gallery'   RSS

2022-07-04
 
CVE-2022-1946

CWE-79
 

 
The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue

 

 >>> Vendor: Wpdevart 10 Products
Gallery
Booking calendar
Responsive image gallery gallery album
Poll\, survey\, questionnaire and voting system
Youtube embed\, playlist and popup
Countdown and countup\, woocommerce sales timer
Coming soon and maintenance mode
Duplicate page or post
Pricing table builder
Social comments


Copyright 2024, cxsecurity.com

 

Back to Top