CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24462 – Photo Gallery by Ays - Responsive Image Gallery < 4.4.4 - Authenticated Blind SQL Injections
https://notcve.org/view.php?id=CVE-2021-24462
The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard Las funciones get_gallery_categories() y get_galleries() del plugin de WordPress Photo Gallery by Ays - Responsive Image Gallery versiones anteriores a 4.4.4, no usaban la lista blanca ni comprobaban el parámetro orderby antes de usarlo en las sentencias SQL pasadas a las llamadas a la base de datos get_results(), conllevando a problemas de inyección SQL en el panel de control del administrador • https://wpscan.com/vulnerability/e24dac6d-de48-42c1-bdde-4a45fb331376 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24310 – Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title
https://notcve.org/view.php?id=CVE-2021-24310
The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery in the admin dashboard. This is due to an incomplete fix of CVE-2019-16117 El plugin de WordPress Photo Gallery by 10Web - Mobile-Friendly Image Gallery versiones anteriores a 1.5.67, no saneaba apropiadamente el título de la galería, permitiendo a usuarios muy privilegiados crear uno con carga útil de tipo XSS, el cual se desencadenará cuando otro usuario visualice la lista de la galería o la galería afectada en el panel de administración. Esto es debido a una correción incompleta de CVE-2019-16117 • https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2021-24291 – Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24291
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users) El plugin de WordPress The Photo Gallery by 10Web - Mobile-Friendly Image Gallery, versiones anteriores a 1.5.69, era vulnerable a problemas de tipo cross-site scripting (XSS) reflejado mediante los parámetros GET gallery_id, tag, album_id y _id pasados ??en la acción AJAX bwg_frontend_data (disponible para usuarios autenticados y no autenticados) • https://packetstormsecurity.com/files/162227 https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-46889 – Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.5.68 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-46889
The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693. The Photo Gallery by 10Web plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'theme_id' parameter in versions up to, and including, 1.5.68 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25041 – Photo Gallery by 10Web < 1.5.68 - Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-25041
The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerable to Reflected Cross-Site Scripting (XSS) issues via the bwg_album_breadcrumb_0 and shortcode_id GET parameters passed to the bwg_frontend_data AJAX action El plugin Photo Gallery by 10Web de WordPress versiones anteriores a 1.5.68, es vulnerable a problemas de tipo Cross-Site Scripting (XSS) Reflejado por medio de los parámetros GET bwg_album_breadcrumb_0 y shortcode_id pasados a la acción AJAX bwg_frontend_data • https://plugins.trac.wordpress.org/changeset/2467205 https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •