CVE-2023-37152
https://notcve.org/view.php?id=CVE-2023-37152
Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Note: This has been disputed as not a valid vulnerability. • https://github.com/Trinity-SYT-SECURITY/arbitrary-file-upload-RCE/blob/main/Online%20Art%20gallery%20project%201.0.md https://www.chtsecurity.com/news/ad3cee07-3e35-45c0-97f9-811cce13dda9 https://www.chtsecurity.com/news/afe25fb4-55ac-45d9-9ece-cbc1edda2fb2%20 https://www.exploit-db.com/exploits/51524 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2023-2561 – Gallery Metabox <= 1.5 - Missing Authorization via gallery_remove
https://notcve.org/view.php?id=CVE-2023-2561
The Gallery Metabox for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gallery_remove function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to modify galleries attached to posts and pages with this plugin. • https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L233 https://www.wordfence.com/threat-intel/vulnerabilities/id/faad339f-96d6-4937-a1f3-9d2d19bc6395?source=cve • CWE-862: Missing Authorization •
CVE-2023-2562 – Gallery Metabox <= 1.5 - Missing Authorization via refresh_metabox
https://notcve.org/view.php?id=CVE-2023-2562
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refresh_metabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post. • https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L203 https://www.wordfence.com/threat-intel/vulnerabilities/id/951e4651-56d6-474d-84b3-5a7cfc357b9f?source=cve • CWE-862: Missing Authorization •
CVE-2023-33995 – Photo Gallery <= 1.8.15 - Missing Authorization
https://notcve.org/view.php?id=CVE-2023-33995
The Photo Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the check_score function called via an AJAX action in versions up to, and including, 1.8.15. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to check page speed score. • CWE-862: Missing Authorization •
CVE-2023-25473 – WordPress Flickr Justified Gallery Plugin <= 3.5 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-25473
Cross-Site Request Forgery (CSRF) vulnerability in Miro Mannino Flickr Justified Gallery plugin <= 3.5 versions. The Flickr Justified Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5. This is due to missing or incorrect nonce validation on the fjgwpp_settings() function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/flickr-justified-gallery/wordpress-flickr-justified-gallery-plugin-3-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •