Vulnerabilites related to https://fooplugins.com - FooGallery Premium
cve-2023-6947
Vulnerability from cvelistv5
Published
2024-12-10 05:24
Modified
2024-12-10 20:54
Severity ?
EPSS score ?
Summary
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for authenticated attackers, with contributor level or higher to read the contents of arbitrary folders on the server, which can contain sensitive information such as folder structure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| https://fooplugins.com | FooGallery Premium |
Version: * ≤ 2.4.26 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6947",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:53:29.163874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T20:54:03.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FooGallery Premium",
"vendor": "https://fooplugins.com",
"versions": [
{
"lessThanOrEqual": "2.4.26",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Colin Xu"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Best WordPress Gallery Plugin \u2013 FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for authenticated attackers, with contributor level or higher to read the contents of arbitrary folders on the server, which can contain sensitive information such as folder structure."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-25",
"description": "CWE-25 Path Traversal: \u0027/../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T05:24:41.940Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68420c5a-4add-4597-bd2a-20dc831e81bd?source=cve"
},
{
"url": "https://github.com/fooplugins/foogallery/pull/263/commits/9989f6f4f4d478ec04cb634d09b18c87a5b31c4d"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-09T17:12:04.000+00:00",
"value": "Disclosed"
}
],
"title": "Best WordPress Gallery Plugin \u2013 FooGallery \u003c= 2.4.16 - Authenticated (Contributor+) Directory Traversal"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-6947",
"datePublished": "2024-12-10T05:24:41.940Z",
"dateReserved": "2023-12-19T15:10:40.265Z",
"dateUpdated": "2024-12-10T20:54:03.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6747
Vulnerability from cvelistv5
Published
2024-01-03 08:29
Modified
2024-08-02 08:42
Severity ?
EPSS score ?
Summary
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | https://fooplugins.com | FooGallery Premium |
Version: * ≤ 2.3.3 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dce8ac32-cab8-4e05-bf6f-cc348d0c9472?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://fooplugins.com/foogallery-wordpress-gallery-plugin/pricing/"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/foogallery/tags/2.4.9/includes/functions.php#L1609"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/foogallery/tags/2.4.9/includes/class-gallery-advanced-settings.php?rev=3027668#L149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FooGallery Premium",
"vendor": "https://fooplugins.com",
"versions": [
{
"lessThanOrEqual": "2.3.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Best WordPress Gallery Plugin \u2013 FooGallery",
"vendor": "bradvin",
"versions": [
{
"lessThanOrEqual": "2.4.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
},
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
},
{
"lang": "en",
"type": "finder",
"value": "Debangshu Kundu"
},
{
"lang": "en",
"type": "finder",
"value": "Arpeet Rathi"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Best WordPress Gallery Plugin \u2013 FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-30T14:03:55.552Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dce8ac32-cab8-4e05-bf6f-cc348d0c9472?source=cve"
},
{
"url": "https://fooplugins.com/foogallery-wordpress-gallery-plugin/pricing/"
},
{
"url": "https://plugins.trac.wordpress.org/browser/foogallery/tags/2.4.9/includes/functions.php#L1609"
},
{
"url": "https://plugins.trac.wordpress.org/browser/foogallery/tags/2.4.9/includes/class-gallery-advanced-settings.php?rev=3027668#L149"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-02T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-6747",
"datePublished": "2024-01-03T08:29:48.789Z",
"dateReserved": "2023-12-12T17:29:43.644Z",
"dateUpdated": "2024-08-02T08:42:07.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}