CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-28666 – InPost Gallery <= 2.1.4.1 - Reflected Cross-Site Scripting via 'imgurl'
https://notcve.org/view.php?id=CVE-2023-28666
20 Mar 2023 — The InPost Gallery WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'imgurl' parameter to the add_inpost_gallery_slide_item action, which can only be triggered by an authenticated user. The InPost Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘imgurl’ parameter of the add_inpost_gallery_slide_item action in versions up to, and including, 2.1.4.1 due to insufficient input sanitization and output escaping. This m... • https://www.tenable.com/security/research/tra-2023-3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 88%CPEs: 1EXPL: 2CVE-2022-4063 – InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE
https://notcve.org/view.php?id=CVE-2022-4063
28 Nov 2022 — The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers. El complemento de WordPress InPost Gallery anterior a 2.1.4.1 utiliza de forma insegura la función extract() de PHP al representar vistas HTML, lo que permite a los atacantes forzar la inclusión de archivos y archivos maliciosos. URL, que pueden permitirles ejecutar código en s... • https://github.com/im-hanzou/INPGer • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •