CVE-2022-4058
Photo Gallery < 1.8.3 - Stored XSS via CSRF
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control.
El complemento Photo Gallery de 10Web para WordPress anterior a 1.8.3 no valida ni escapa algunos parámetros antes de volver a generarlos en código JS más adelante en otra página, lo que podría provocar un problema de XSS almacenado cuando un atacante hace que un administrador que ha iniciado sesión abra un archivo malicioso, URL o página bajo su control.
The Photo Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation one of its functions. This makes it possible for unauthenticated attackers to inject malicious JavaScript, that will execute whenever a user accesses a page under their control. This Cross-Site Scripting payload will trigger for that user only for the duration of their session.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-11-18 CVE Reserved
- 2022-11-28 CVE Published
- 2024-07-11 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4 | 2024-08-03 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
10web Search vendor "10web" | Photo Gallery Search vendor "10web" for product "Photo Gallery" | < 1.8.3 Search vendor "10web" for product "Photo Gallery" and version " < 1.8.3" | wordpress |
Affected
|