| |
Vulnerability CVE-2021-24529
Published: 2021-08-23
| Description: |
The Grid Gallery ?????? Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability. |
Type:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
CVSS2 => (AV:N/AC:M/Au:S/C:N/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.5/10 |
2.9/10 |
6.8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
