CVE-2024-9951 – WordPress Photo Album Plus <= 8.8.05.003 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-9951
The WP Photo Album Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wppa-tab' parameter in all versions up to, and including, 8.8.05.003 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3170202%40wp-photo-album-plus&new=3170202%40wp-photo-album-plus&sfp_email=&sfph_mail=
• https://www.wordfence.com/threat-intel/vulnerabilities/id/3a4f0c06-db88-4950-b1f5-b2aab480c974?source=cve
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-4037 – WP Photo Album Plus <= 8.7.02.003 - Unauthenticated Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-4037
The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.7.02.003. This is due to the plugin allowing unauthenticated users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
• https://plugins.trac.wordpress.org/browser/wp-photo-album-plus/trunk/wppa-ajax.php#L1138
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3078746%40wp-photo-album-plus&new=3078746%40wp-photo-album-plus&sfp_email=&sfph_mail=#file3
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3079831%40wp-photo-album-plus&new=3079831%40wp-photo-album-plus&sfp_email=&sfph_mail=
• https://www.wordfence.com/threat-intel/vulnerabilities/id/3d6b95ee
• CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2015-3647 – WP Photo Album Plus < 6.1.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-3647
Multiple cross-site scripting (XSS) vulnerabilities in wppa-ajax-front.php in the WP Photo Album Plus (aka WPPA) plugin before 6.1.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) comemail or (2) comname parameter in a wppa do-comment action. WordPress WP Photo Album Plus plugin version 6.1.2 suffers from a cross site scripting vulnerability.
• http://packetstormsecurity.com/files/131976/WordPress-WP-Photo-Album-Plus-6.1.2-Cross-Site-Scripting.html
• http://www.securityfocus.com/archive/1/535575/100/0/threaded
• http://www.securityfocus.com/bid/74741
• https://wordpress.org/plugins/wp-photo-album-plus/changelog
• https://www.htbridge.com/advisory/HTB23257
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-3254 – WP Photo Album Plus < 5.0.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-3254
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin before 5.0.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the commentid parameter in a wppa_manage_comments edit action.
• http://secunia.com/advisories/53105
• http://wordpress.org/extend/plugins/wp-photo-album-plus/changelog
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')