NotCVE - vendor:"Wp Photo Album Plus" product:"Wp Photo Album Plus"

7 results (0.002 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-38713 – WordPress WP Photo Album Plus plugin <= 8.8.02.002 - Authenticated Stored Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-38713

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002. Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en JN Breetvelt, también conocido como OpaJaap WP Photo Album Plus, permite XSS almacenado. Este problema afecta a WP Photo Album Plus: desde n/a hasta 8.8.02.002. • https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-8-01-007-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-31377 – WordPress WP Photo Album Plus plugin <= 8.7.01.001 - Unauth. Arbitrary File Upload vulnerability

https://notcve.org/view.php?id=CVE-2024-31377

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.7.01.001. Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en JN Breetvelt, también conocido como OpaJaap WP Photo Album Plus. Este problema afecta a WP Photo Album Plus: desde n/a hasta 8.7.01.001. • https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-7-01-001-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-31286 – WordPress WP Photo Album Plus plugin < 8.6.03.005 - Arbitrary File Upload vulnerability

https://notcve.org/view.php?id=CVE-2024-31286

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005. Carga de archivos a sin restricciones con vulnerabilidad de tipo peligroso en J.N. Breetvelt también conocido como OpaJaap WP Photo Album Plus. • https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-6-03-005-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-49774 – WordPress WP Photo Album Plus plugin <= 8.5.02.005 - IP Bypass vulnerability

https://notcve.org/view.php?id=CVE-2023-49774

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. La exposición de información confidencial a una vulnerabilidad de actor no autorizado en JN Breetvelt, también conocido como OpaJaap WP Photo Album Plus, permite acceder a funciones no restringidas adecuadamente por las ACL. Este problema afecta a WP Photo Album Plus: desde n/a hasta 8.5.02.005. • https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-5-02-005-ip-bypass-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-348: Use of Less Trusted Source •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-49813 – WordPress WP Photo Album Plus Plugin <= 8.5.02.005 is vulnerable to Cross Site Scripting (XSS)

https://notcve.org/view.php?id=CVE-2023-49813

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Cross-site Scripting') en J.N. Breetvelt a.K.A. • https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-5-02-005-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2