CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14790 – Limb Gallery – Create Beautiful Image & Video Galleries <= 1.3.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-14790
The limb-gallery (aka Limb Gallery) plugin 1.4.0 for WordPress has XSS via the wp-admin/admin-ajax.php?action=grsGalleryAjax&grsAction=shortcode task parameter, El plugin limb-gallery (también se conoce como Limb Gallery) versión 1.4.0 para WordPress, presenta una vulnerabilidad de tipo XSS por medio del parámetro task en el archivo wp-admin/admin-ajax.php?Action=grsGalleryAjax&grsAction=shortcode. The limb-gallery (aka Limb Gallery) plugin < 1.4.0 for WordPress has XSS via the wp-admin/admin-ajax.php?action=grsGalleryAjax&grsAction=shortcode task parameter. • https://wordpress.org/plugins/limb-gallery/#developers https://wpvulndb.com/vulnerabilities/9517 https://www.pluginvulnerabilities.com/2019/06/26/what-would-hackers-be-interested-in-the-wordpress-plugin-limb-gallery-for • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •