CVE-2021-24310 – Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title
https://notcve.org/view.php?id=CVE-2021-24310
The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery in the admin dashboard. This is due to an incomplete fix of CVE-2019-16117 El plugin de WordPress Photo Gallery by 10Web - Mobile-Friendly Image Gallery versiones anteriores a 1.5.67, no saneaba apropiadamente el título de la galería, permitiendo a usuarios muy privilegiados crear uno con carga útil de tipo XSS, el cual se desencadenará cuando otro usuario visualice la lista de la galería o la galería afectada en el panel de administración. Esto es debido a una correción incompleta de CVE-2019-16117 • https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-24291 – Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24291
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users) El plugin de WordPress The Photo Gallery by 10Web - Mobile-Friendly Image Gallery, versiones anteriores a 1.5.69, era vulnerable a problemas de tipo cross-site scripting (XSS) reflejado mediante los parámetros GET gallery_id, tag, album_id y _id pasados ??en la acción AJAX bwg_frontend_data (disponible para usuarios autenticados y no autenticados) • https://packetstormsecurity.com/files/162227 https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-46889 – Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.5.68 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-46889
The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693. The Photo Gallery by 10Web plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'theme_id' parameter in versions up to, and including, 1.5.68 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-25041 – Photo Gallery by 10Web < 1.5.68 - Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-25041
The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerable to Reflected Cross-Site Scripting (XSS) issues via the bwg_album_breadcrumb_0 and shortcode_id GET parameters passed to the bwg_frontend_data AJAX action El plugin Photo Gallery by 10Web de WordPress versiones anteriores a 1.5.68, es vulnerable a problemas de tipo Cross-Site Scripting (XSS) Reflejado por medio de los parámetros GET bwg_album_breadcrumb_0 y shortcode_id pasados a la acción AJAX bwg_frontend_data • https://plugins.trac.wordpress.org/changeset/2467205 https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-24132 – Slider by 10Web < 1.2.36 - Multiple Authenticated SQL Injection
https://notcve.org/view.php?id=CVE-2021-24132
The Slider by 10Web WordPress plugin, versions before 1.2.36, in the bulk_action, export_full and save_slider_db functionalities of the plugin were vulnerable, allowing a high privileged user (Admin), or medium one such as Contributor+ (if "Role Options" is turn on for other users) to perform a SQL Injection attacks. El plugin Slider para 10Web WordPress, versiones anteriores a 1.2.36, en las funcionalidades bulk_action, export_full y save_slider_db del plugin, eran vulnerables, permitiendo a un usuario muy privilegiado (Admin), o uno medio como Colaborador+ (si "Role Options" se activa para otros usuarios) para llevar a cabo ataques de inyección SQL • https://wpscan.com/vulnerability/c1f45000-6c16-4606-be80-1938a755af2c • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •