CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32107 – WordPress Photo Gallery by Ays Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-32107
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions. The Photo Gallery by Ays plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘ays_gpg_settings_tab’ parameter in versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1427 – Photo Gallery by 10Web < 1.8.15 - Admin+ Path Traversal
https://notcve.org/view.php?id=CVE-2023-1427
- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector. The Photo Gallery plugin by 10Web for WordPress is vulnerable to Directory Traversal in versions up to, and including, 1.8.14 via the dir parameter. This allows authenticated attackers with administrator-level permissions to upload files to arbitrary directories on the server. • https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4058 – Photo Gallery < 1.8.3 - Stored XSS via CSRF
https://notcve.org/view.php?id=CVE-2022-4058
The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control. El complemento Photo Gallery de 10Web para WordPress anterior a 1.8.3 no valida ni escapa algunos parámetros antes de volver a generarlos en código JS más adelante en otra página, lo que podría provocar un problema de XSS almacenado cuando un atacante hace que un administrador que ha iniciado sesión abra un archivo malicioso, URL o página bajo su control. The Photo Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation one of its functions. This makes it possible for unauthenticated attackers to inject malicious JavaScript, that will execute whenever a user accesses a page under their control. • https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36891 – WordPress Photo Gallery by Supsystic plugin <= 1.15.5 - Cross-Site Request Forgery (CSRF) leading to Plugin Settings Change
https://notcve.org/view.php?id=CVE-2021-36891
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at WordPress allows changing the plugin settings. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el plugin Photo Gallery by Supsystic versiones anteriores a 1.15.5 incluyéndola, en WordPress que permite cambiar la configuración del plugin • https://patchstack.com/database/vulnerability/gallery-by-supsystic/wordpress-photo-gallery-by-supsystic-plugin-1-15-5-cross-site-request-forgery-csrf-leading-to-plugin-settings-change https://wordpress.org/plugins/gallery-by-supsystic/#developers • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1394 – Photo Gallery < 1.6.4 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-1394
The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed El plugin Photo Gallery by 10Web de WordPress versiones anteriores a 1.6.4, no comprueba ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con altos privilegios, como los administradores, llevar a cabo ataques de tipo Cross-Site Scripting cuando unfiltered_html no está permitido The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Watermark font size" and "Watermark opacity" fields in versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •