CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4783 – Youtube Channel Gallery <= 2.4 - Contributor+ Stored XSS via Shortcode
https://notcve.org/view.php?id=CVE-2022-4783
04 Jan 2023 — The Youtube Channel Gallery WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks The Youtube Channel Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in versions up to, and including, 2.4 due to insufficient input sanitization and output esca... • https://wpscan.com/vulnerability/38e4c7fe-94d5-48b9-8659-e114cbbb4252 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4651 – Justified Gallery < 1.7.1 - Contributor+ Stored XSS via Shortcode
https://notcve.org/view.php?id=CVE-2022-4651
23 Dec 2022 — The Justified Gallery WordPress plugin before 1.7.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. The Justified Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 1.7.0 due to insufficient sanitization and escaping on the attribute values passed through the plugins shortcode. This makes it possible for authenticated attackers with co... • https://wpscan.com/vulnerability/d8182075-7472-48c8-8e9d-94b12ab6fcf6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4142 – WordPress Filter Gallery Plugin < 0.1.6 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2022-4142
06 Dec 2022 — The WordPress Filter Gallery Plugin WordPress plugin before 0.1.6 does not properly escape the filters passed in the ufg_gallery_filters ajax action before outputting them on the page, allowing a high privileged user such as an administrator to inject HTML or javascript to the plugin settings page, even when the unfiltered_html capability is disabled. El complemento Filter Gallery de WordPress anterior a 0.1.6 no escapa correctamente a los filtros pasados en la acción ajax ufg_gallery_filters antes de mostr... • https://wpscan.com/vulnerability/8c2adadd-0684-49a8-9185-0c7d9581aef1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2021-38819
https://notcve.org/view.php?id=CVE-2021-38819
16 Nov 2022 — A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page. Existe una vulnerabilidad de inyección SQL en la aplicación Simple Image Gallery System 1.0 a través del parámetro "id" en la página del álbum. • https://github.com/m4sk0ff/CVE-2021-38819 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3991 – Photospace Gallery <= 2.3.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-3991
14 Nov 2022 — The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update() function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento Photospace Gallery para WordPress es vulnerable a... • https://plugins.trac.wordpress.org/browser/photospace/trunk/photospace.php#L87 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38135 – WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2022-38135
12 Sep 2022 — Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings. Una vulnerabilidad de Control de Acceso Roto en el plugin Photospace Gallery versiones anteriores a 2.3.5 incluyéndola, de Dean Oakley en WordPress permite a usuarios con rol de suscriptor o superior cambiar la configuración del plugin The Photospace Gallery plugin for WordPress is vulnerable to authorization bypass due to a missing capab... • https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability • CWE-264: Permissions, Privileges, and Access Controls CWE-285: Improper Authorization •
CVSS: 9.8EPSS: 86%CPEs: 1EXPL: 1CVE-2022-0826 – WP Video Gallery <= 1.7.1 - Unauthenticated SQLi
https://notcve.org/view.php?id=CVE-2022-0826
13 Apr 2022 — The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users El plugin WP Video Gallery de WordPress versiones hasta 1.7.1, no sanea ni escapa de un parámetro antes de usarlo en una sentencia SQL por medio de una acción AJAX, conllevando a una inyección SQL explotable por usuarios no autenticados • https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-38753
https://notcve.org/view.php?id=CVE-2021-38753
16 Aug 2021 — An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app. Una carga de archivos no restringida en la aplicación web Simple Image Gallery, puede ser explotada para cargar una shell web y ejecutada para conseguir acceso no autorizado al servidor que aloja la aplicación web. • https://github.com/dumpling-soup/Simple-Image-Gallery-Web-App/blob/main/README.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24349 – Gallery From Files <= 1.6.0 - Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24349
26 May 2021 — This Gallery from files WordPress plugin through 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Scripting issue. Due to the lack of CSRF check, the attack could also be performed via such vector. Esta Galería del plugin de WordPress de archivos versiones hasta 1.6.0, otorga la funcionalidad de subir imágenes al servidor. Pero los nombres de... • https://wpscan.com/vulnerability/6bb4eb71-d702-4732-b01f-b723077d66ca • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.0EPSS: 11%CPEs: 1EXPL: 3CVE-2020-28687 – Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile
https://notcve.org/view.php?id=CVE-2020-28687
16 Nov 2020 — The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files. La funcionalidad edit profile en ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT AND MYSQL versión 1.0, permite a atacantes remotos cargar archivos Artworks Gallery version 1.0 suffers from multiple remote shell upload vulnerabilities. • https://packetstorm.news/files/id/160095 • CWE-434: Unrestricted Upload of File with Dangerous Type •