CVE-2019-14798 – Photo Gallery by 10Web <= 1.5.24 - Authenticated Local File Inclusion
https://notcve.org/view.php?id=CVE-2019-14798
The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter. El plugin 10Web Photo Gallery en versiones anteriores a 1.5.25 para WordPress, presenta una Inclusión de Archivos Locales Autenticada por medio de un salto de directorio en el parámetro wp-admin/admin-ajax.php?action=shortcode_bwg tagtext. • https://wordpress.org/plugins/photo-gallery/#developers https://wpvulndb.com/vulnerabilities/9361 https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVE-2019-14797 – Photo Gallery by 10Web <= 1.5.22 - Authenticated Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-14797
The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS. El plugin 10Web Photo Gallery en versiones anteriores a 1.5.23 para WordPress, presenta una vulnerabilidad de tipo XSS almacenado autenticado. • https://wordpress.org/plugins/photo-gallery/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-12977 – Photo Gallery by 10Web <= 1.3.50 - Authenticated SQL Injection via tag_id Parameter
https://notcve.org/view.php?id=CVE-2017-12977
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter. El plugin "Photo Gallery by WD - Responsive Photo Gallery" de Web-Dorado en su versión 1.3.51 para WordPress tiene una vulnerabilidad de inyección SQL que afecta a bwg_edit_tag() en photo-gallery.php y a edit_tag() en admin/controllers/BWGControllerTags_bwg.php. Los administradores lo podrían explotar mediante el parámetro tag_id. • https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL https://wordpress.org/plugins/photo-gallery/#developers • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2016-10918 – Photo Gallery by Supsystic <= 1.8.8 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2016-10918
The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. El plugin gallery-by-supsystic versiones anteriores a 1.8.6 para WordPress, presenta una vulnerabilidad de tipo CSRF. The Photo Gallery by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.5. This is due to missing or incorrect nonce validation on the 'updateAttachment' action. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wordpress.org/plugins/gallery-by-supsystic/#developers • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2015-2324 – Photo Gallery by 10Web <= 1.2.12 - Authenticated Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-2324
Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en filemanager en las versiones anteriores a la 1.2.13 del plugin Photo Gallery para WordPress permite que los usuarios autenticados remotos con permiso de edición inyecten scripts web o HTML arbitrarios mediante vectores no especificados. • https://fortiguard.com/zeroday/FG-VD-15-009 https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •