Vulnerabilities related to 10web - photo_gallery
cve-2022-1282
Vulnerability from cvelistv5
Published
2022-05-02 16:05
Modified
2024-08-02 23:55
Summary
The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET['image_url'] variable, which is reflected back to the users when executing the editimage_bwg AJAX action.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.6.3 < 1.6.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:24.617Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/37a58f4e-d2bc-4825-8e1b-4aaf0a1cf1b6" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2706798%40photo-gallery\u0026old=2694928%40photo-gallery\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Unknown", "versions": [ { "lessThan": "1.6.3", "status": "affected", "version": "1.6.3", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "JrXnm" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET[\u0027image_url\u0027] variable, which is reflected back to the users when executing the editimage_bwg AJAX action." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-02T16:05:58", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/37a58f4e-d2bc-4825-8e1b-4aaf0a1cf1b6" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2706798%40photo-gallery\u0026old=2694928%40photo-gallery\u0026sfp_email=\u0026sfph_mail=" } ], "source": { "discovery": "EXTERNAL" }, "title": "Photo Gallery \u003c 1.6.3 - Reflected Cross-Site Scripting", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2022-1282", "STATE": "PUBLIC", "TITLE": "Photo Gallery \u003c 1.6.3 - Reflected Cross-Site Scripting" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.6.3", "version_value": "1.6.3" } ] } } ] }, "vendor_name": "Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "JrXnm" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET[\u0027image_url\u0027] variable, which is reflected back to the users when executing the editimage_bwg AJAX action." 
} ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/37a58f4e-d2bc-4825-8e1b-4aaf0a1cf1b6", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/37a58f4e-d2bc-4825-8e1b-4aaf0a1cf1b6" }, { "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2706798%40photo-gallery\u0026old=2694928%40photo-gallery\u0026sfp_email=\u0026sfph_mail=", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2706798%40photo-gallery\u0026old=2694928%40photo-gallery\u0026sfp_email=\u0026sfph_mail=" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-1282", "datePublished": "2022-05-02T16:05:58", "dateReserved": "2022-04-08T00:00:00", "dateUpdated": "2024-08-02T23:55:24.617Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-14797
Vulnerability from cvelistv5
Published
2019-08-09 13:30
Modified
2024-08-05 00:26
Summary
The 10Web Photo Gallery plugin before 1.5.23 for WordPress is affected by an authenticated stored XSS vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://wordpress.org/plugins/photo-gallery/#developers | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:26:39.041Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-09T13:30:40", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-14797", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-14797", "datePublished": "2019-08-09T13:30:40", "dateReserved": "2019-08-09T00:00:00", "dateUpdated": "2024-08-05T00:26:39.041Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-24291
Vulnerability from cvelistv5
Published
2021-05-14 11:38
Modified
2024-08-03 19:28
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users).
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a | x_refsource_CONFIRM | |
https://packetstormsecurity.com/files/162227/ | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Photo Gallery Team | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.5.69 < 1.5.69 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:28:23.495Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://packetstormsecurity.com/files/162227/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Photo Gallery Team", "versions": [ { "lessThan": "1.5.69", "status": "affected", "version": "1.5.69", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "ThuraMoeMyint" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users)" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-14T11:38:18", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a" }, { "tags": [ "x_refsource_MISC" ], "url": "https://packetstormsecurity.com/files/162227/" } ], "source": { "discovery": "UNKNOWN" }, "title": "Photo Gallery \u003c 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24291", "STATE": "PUBLIC", "TITLE": "Photo Gallery \u003c 1.5.69 - Multiple Reflected 
Cross-Site Scripting (XSS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.5.69", "version_value": "1.5.69" } ] } } ] }, "vendor_name": "Photo Gallery Team" } ] } }, "credit": [ { "lang": "eng", "value": "ThuraMoeMyint" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users)" } ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a", "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a" }, { "name": "https://packetstormsecurity.com/files/162227/", "refsource": "MISC", "url": "https://packetstormsecurity.com/files/162227/" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24291", "datePublished": "2021-05-14T11:38:18", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:28:23.495Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-24362
Vulnerability from cvelistv5
Published
2021-08-16 10:48
Modified
2024-08-03 19:28
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files added to a gallery do not contain malicious content. As a result, users allowed to add images to a gallery can upload an SVG file containing JavaScript code, which will be executed when the image is accessed directly (i.e. in the /wp-content/uploads/photo-gallery/ folder), leading to a Cross-Site Scripting (XSS) issue.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.5.75 < 1.5.75 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:28:23.722Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Unknown", "versions": [ { "lessThan": "1.5.75", "status": "affected", "version": "1.5.75", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "avolume" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files added to a gallery do not contain malicious content. As a result, users allowed to add images to gallery can upload an SVG file containing JavaScript code, which will be executed when accessing the image directly (ie in the /wp-content/uploads/photo-gallery/ folder), leading to a Cross-Site Scripting (XSS) issue" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-16T10:48:16", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a" } ], "source": { "discovery": "UNKNOWN" }, "title": "Photo Gallery \u003c 1.5.75 - Stored Cross-Site Scripting via Uploaded SVG", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24362", "STATE": "PUBLIC", "TITLE": "Photo Gallery \u003c 1.5.75 - Stored Cross-Site Scripting via Uploaded SVG" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": 
[ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.5.75", "version_value": "1.5.75" } ] } } ] }, "vendor_name": "Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "avolume" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files added to a gallery do not contain malicious content. As a result, users allowed to add images to gallery can upload an SVG file containing JavaScript code, which will be executed when accessing the image directly (ie in the /wp-content/uploads/photo-gallery/ folder), leading to a Cross-Site Scripting (XSS) issue" } ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24362", "datePublished": "2021-08-16T10:48:16", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:28:23.722Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1281
Vulnerability from cvelistv5
Published
2022-05-02 16:05
Modified
2024-08-02 23:55
Summary
The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.6.3 < 1.6.3* |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:24.531Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/2b4866f2-f511-41c6-8135-cf1e0263d8de" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2706797/photo-gallery/trunk/frontend/models/BWGModelGalleryBox.php?old=2587758\u0026old_path=photo-gallery%2Ftrunk%2Ffrontend%2Fmodels%2FBWGModelGalleryBox.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Unknown", "versions": [ { "changes": [ { "at": "1.6.3", "status": "unaffected" } ], "lessThan": "1.6.3*", "status": "affected", "version": "1.6.3", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "JrXnm" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST[\u0027filter_tag\u0027] parameter, which is appended to an SQL query, making SQL Injection attacks possible." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 SQL Injection", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-02T16:05:57", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/2b4866f2-f511-41c6-8135-cf1e0263d8de" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://plugins.trac.wordpress.org/changeset/2706797/photo-gallery/trunk/frontend/models/BWGModelGalleryBox.php?old=2587758\u0026old_path=photo-gallery%2Ftrunk%2Ffrontend%2Fmodels%2FBWGModelGalleryBox.php" } ], "source": { "discovery": "EXTERNAL" }, "title": "Photo Gallery \u003c 1.6.3 - Unauthenticated SQL Injection", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2022-1281", "STATE": "PUBLIC", "TITLE": "Photo Gallery \u003c 1.6.3 - Unauthenticated SQL Injection" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003e=", "version_name": "1.6.3", "version_value": "1.6.3" }, { "version_affected": "\u003c", "version_name": "1.6.3", "version_value": "1.6.3" } ] } } ] }, "vendor_name": "Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "JrXnm" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST[\u0027filter_tag\u0027] parameter, which is appended to an SQL query, making SQL Injection attacks possible." 
} ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-89 SQL Injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/2b4866f2-f511-41c6-8135-cf1e0263d8de", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/2b4866f2-f511-41c6-8135-cf1e0263d8de" }, { "name": "https://plugins.trac.wordpress.org/changeset/2706797/photo-gallery/trunk/frontend/models/BWGModelGalleryBox.php?old=2587758\u0026old_path=photo-gallery%2Ftrunk%2Ffrontend%2Fmodels%2FBWGModelGalleryBox.php", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/2706797/photo-gallery/trunk/frontend/models/BWGModelGalleryBox.php?old=2587758\u0026old_path=photo-gallery%2Ftrunk%2Ffrontend%2Fmodels%2FBWGModelGalleryBox.php" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-1281", "datePublished": "2022-05-02T16:05:57", "dateReserved": "2022-04-08T00:00:00", "dateUpdated": "2024-08-02T23:55:24.531Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0169
Vulnerability from cvelistv5
Published
2022-03-14 14:41
Modified
2024-08-02 23:18
Summary
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c | x_refsource_MISC | |
https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.6.0 < 1.6.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.932Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Unknown", "versions": [ { "lessThan": "1.6.0", "status": "affected", "version": "1.6.0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Krzysztof Zaj\u0105c" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 SQL Injection", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-14T14:41:22", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9" } ], "source": { "discovery": "EXTERNAL" }, "title": "Photo Gallery by 10Web \u003c 1.6.0 - Unauthenticated SQL Injection", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2022-0169", "STATE": "PUBLIC", "TITLE": "Photo Gallery by 10Web \u003c 1.6.0 - 
Unauthenticated SQL Injection" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.6.0", "version_value": "1.6.0" } ] } } ] }, "vendor_name": "Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "Krzysztof Zaj\u0105c" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection" } ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-89 SQL Injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c" }, { "name": "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-0169", "datePublished": "2022-03-14T14:41:22", "dateReserved": "2022-01-10T00:00:00", "dateUpdated": "2024-08-02T23:18:41.932Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4058
Vulnerability from cvelistv5
Published
2022-12-19 13:41
Modified
2024-08-03 01:27
Summary
The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in JS code later on in another page, which could lead to a Stored XSS issue when an attacker makes a logged-in admin open a malicious URL or page under their control.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4 | exploit, vdb-entry, technical-description |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web |
Version: 0 < 1.8.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:27:54.541Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description", "x_transferred" ], "url": "https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "product": "Photo Gallery by 10Web", "vendor": "Unknown", "versions": [ { "lessThan": "1.8.3", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Krzysztof Zaj\u0105c" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control." 
} ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Cross-Site Scripting (XSS)", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T13:41:43.962Z", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description" ], "url": "https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4" } ], "source": { "discovery": "EXTERNAL" }, "title": "Photo Gallery \u003c 1.8.3 - Stored XSS via CSRF", "x_generator": { "engine": "WPScan CVE Generator" } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-4058", "datePublished": "2022-12-19T13:41:43.962Z", "dateReserved": "2022-11-18T13:01:58.873Z", "dateUpdated": "2024-08-03T01:27:54.541Z", "requesterUserId": "dc9e157c-ddf1-4983-adaf-9f01d16b5e04", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-9335
Vulnerability from cvelistv5
Published
2020-02-25 16:35
Modified
2024-08-04 10:26
Summary
Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 for WordPress. Successful exploitation of these vulnerabilities would allow an authenticated admin user to inject arbitrary JavaScript code that is viewed by other users.
References
▼ | URL | Tags |
---|---|---|
https://wordpress.org/plugins/photo-gallery/#developers | x_refsource_MISC | |
https://wpvulndb.com/vulnerabilities/10088 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:26:16.104Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/10088" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-02-25T16:35:58", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/10088" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-9335", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. 
Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://wpvulndb.com/vulnerabilities/10088", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/10088" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-9335", "datePublished": "2020-02-25T16:35:58", "dateReserved": "2020-02-22T00:00:00", "dateUpdated": "2024-08-04T10:26:16.104Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-25041
Vulnerability from cvelistv5
Published
2021-12-06 15:55
Modified
2024-08-03 19:49
Summary
The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerable to Reflected Cross-Site Scripting (XSS) issues via the bwg_album_breadcrumb_0 and shortcode_id GET parameters passed to the bwg_frontend_data AJAX action.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f | x_refsource_MISC | |
https://plugins.trac.wordpress.org/changeset/2467205 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.5.68 < 1.5.68 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:49:14.594Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2467205" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Unknown", "versions": [ { "lessThan": "1.5.68", "status": "affected", "version": "1.5.68", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "ThuraMoeMyint" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerable to Reflected Cross-Site Scripting (XSS) issues via the bwg_album_breadcrumb_0 and shortcode_id GET parameters passed to the bwg_frontend_data AJAX action" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-12-06T15:55:40", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://plugins.trac.wordpress.org/changeset/2467205" } ], "source": { "discovery": "EXTERNAL" }, "title": "Photo Gallery by 10Web \u003c 1.5.68 - Reflected Cross-Site Scripting (XSS)", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-25041", "STATE": "PUBLIC", "TITLE": "Photo Gallery by 10Web \u003c 1.5.68 - Reflected Cross-Site Scripting (XSS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { 
"product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.5.68", "version_value": "1.5.68" } ] } } ] }, "vendor_name": "Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "ThuraMoeMyint" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerable to Reflected Cross-Site Scripting (XSS) issues via the bwg_album_breadcrumb_0 and shortcode_id GET parameters passed to the bwg_frontend_data AJAX action" } ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f" }, { "name": "https://plugins.trac.wordpress.org/changeset/2467205", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/2467205" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-25041", "datePublished": "2021-12-06T15:55:40", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:49:14.594Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-2324
Vulnerability from cvelistv5
Published
2018-02-19 19:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors.
References
▼ | URL | Tags |
---|---|---|
https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt | x_refsource_CONFIRM | |
https://fortiguard.com/zeroday/FG-VD-15-009 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:10:15.971Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://fortiguard.com/zeroday/FG-VD-15-009" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-03-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-02-19T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "https://fortiguard.com/zeroday/FG-VD-15-009" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2324", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject 
arbitrary web script or HTML via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt", "refsource": "CONFIRM", "url": "https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt" }, { "name": "https://fortiguard.com/zeroday/FG-VD-15-009", "refsource": "MISC", "url": "https://fortiguard.com/zeroday/FG-VD-15-009" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2324", "datePublished": "2018-02-19T19:00:00", "dateReserved": "2015-03-18T00:00:00", "dateUpdated": "2024-08-06T05:10:15.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0221
Vulnerability from cvelistv5
Published
2024-02-05 21:21
Modified
2024-08-21 17:50
Severity ?
EPSS score ?
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: * ≤ 1.8.19 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:41:16.290Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8fad-202bfc8a9918?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L441" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L291" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3022981%40photo-gallery%2Ftrunk\u0026old=3013021%40photo-gallery%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "photo_gallery", "vendor": "10web", "versions": [ { "lessThanOrEqual": "1.8.19", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-0221", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-21T14:53:53.625270Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-21T17:50:04.788Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "10web", "versions": [ { "lessThanOrEqual": "1.8.19", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Bence Szalai" } ], "descriptions": [ { "lang": "en", "value": 
"The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors." } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-05T21:21:40.205Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8fad-202bfc8a9918?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L441" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L291" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3022981%40photo-gallery%2Ftrunk\u0026old=3013021%40photo-gallery%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" } ], "timeline": [ { "lang": "en", "time": "2024-01-19T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-0221", "datePublished": "2024-02-05T21:21:40.205Z", "dateReserved": "2024-01-03T17:13:13.386Z", 
"dateUpdated": "2024-08-21T17:50:04.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-12977
Vulnerability from cvelistv5
Published
2017-08-21 01:00
Modified
2024-09-16 19:11
Severity ?
EPSS score ?
Summary
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
References
▼ | URL | Tags |
---|---|---|
https://wordpress.org/plugins/photo-gallery/#developers | x_refsource_MISC | |
https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:51:07.390Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Web-Dorado \"Photo Gallery by WD - Responsive Photo Gallery\" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-21T01:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12977", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Web-Dorado \"Photo Gallery by WD - Responsive Photo Gallery\" plugin before 1.3.51 for WordPress has a SQL injection 
vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL", "refsource": "MISC", "url": "https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12977", "datePublished": "2017-08-21T01:00:00Z", "dateReserved": "2017-08-20T00:00:00Z", "dateUpdated": "2024-09-16T19:11:00.310Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-24363
Vulnerability from cvelistv5
Published
2021-08-16 10:48
Modified
2024-08-03 19:28
Severity ?
EPSS score ?
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high-privilege users to put images/SVG anywhere in the filesystem via a path traversal vector.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.5.75 < 1.5.75 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:28:23.794Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Unknown", "versions": [ { "lessThan": "1.5.75", "status": "affected", "version": "1.5.75", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "avolume" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-16T10:48:17", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974" } ], "source": { "discovery": "UNKNOWN" }, "title": "Photo Gallery \u003c 1.5.75 - File Upload Path Traversal", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24363", "STATE": "PUBLIC", "TITLE": "Photo Gallery \u003c 1.5.75 - File Upload Path Traversal" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", 
"version_name": "1.5.75", "version_value": "1.5.75" } ] } } ] }, "vendor_name": "Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "avolume" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector" } ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24363", "datePublished": "2021-08-16T10:48:17", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:28:23.794Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-16117
Vulnerability from cvelistv5
Published
2019-09-08 22:49
Modified
2024-08-05 01:03
Severity ?
EPSS score ?
Summary
Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:03:32.791Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/models/Galleries.php?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fmodels%2FGalleries.php" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-11T00:06:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/models/Galleries.php?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fmodels%2FGalleries.php" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16117", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/models/Galleries.php?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fmodels%2FGalleries.php", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/models/Galleries.php?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fmodels%2FGalleries.php" }, { "name": "https://wpvulndb.com/vulnerabilities/9872", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "name": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16117", "datePublished": "2019-09-08T22:49:24", "dateReserved": "2019-09-08T00:00:00", "dateUpdated": "2024-08-05T01:03:32.791Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1427
Vulnerability from cvelistv5
Published
2023-04-17 12:17
Modified
2025-02-06 15:29
Severity ?
EPSS score ?
Summary
The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high-privilege users to put images anywhere in the filesystem via a path traversal vector.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946 | exploit, vdb-entry, technical-description |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web |
Version: 0 < 1.8.15 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:49:11.507Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description", "x_transferred" ], "url": "https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-1427", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-02-06T15:29:28.655584Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-06T15:29:34.944Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "product": "Photo Gallery by 10Web", "vendor": "Unknown", "versions": [ { "lessThan": "1.8.15", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Nguyen Huu Do" }, { "lang": "en", "type": "coordinator", "value": "WPScan" } ], "descriptions": [ { "lang": "en", "value": "- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector." 
} ], "problemTypes": [ { "descriptions": [ { "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-17T12:17:41.603Z", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description" ], "url": "https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946" } ], "source": { "discovery": "EXTERNAL" }, "title": "Photo Gallery by 10Web \u003c 1.8.15 - Admin+ Path Traversal", "x_generator": { "engine": "WPScan CVE Generator" } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2023-1427", "datePublished": "2023-04-17T12:17:41.603Z", "dateReserved": "2023-03-16T10:39:16.489Z", "dateUpdated": "2025-02-06T15:29:34.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-5481
Vulnerability from cvelistv5
Published
2024-06-07 09:33
Modified
2024-08-01 21:11
Severity ?
EPSS score ?
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: * ≤ 1.8.23 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-5481", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-16T18:35:17.646938Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-16T18:36:39.514Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:11:12.793Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3098798/" }, { "tags": [ "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "10web", "versions": [ { "lessThanOrEqual": "1.8.23", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Tobias Wei\u00dfhaar" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via 
the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-35 Path Traversal: \u0027.../...//\u0027", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-07T09:33:36.357Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436" }, { "url": "https://plugins.trac.wordpress.org/changeset/3098798/" }, { "url": "https://wordpress.org/plugins/photo-gallery/#developers" } ], "timeline": [ { "lang": "en", "time": "2024-06-06T21:19:21.000+00:00", "value": "Disclosed" } ], "title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-5481", "datePublished": "2024-06-07T09:33:36.357Z", "dateReserved": 
"2024-05-29T18:04:13.803Z", "dateUpdated": "2024-08-01T21:11:12.793Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-9312
Vulnerability from cvelistv5
Published
2017-08-28 15:00
Modified
2024-08-06 13:40
Summary
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
References
▼ | URL | Tags |
---|---|---|
http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html | x_refsource_MISC | |
http://www.securityfocus.com/bid/72620 | vdb-entry, x_refsource_BID | |
http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:40:24.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html" }, { "name": "72620", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72620" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-01-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Unrestricted File Upload vulnerability in Photo Gallery 1.2.5." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html" }, { "name": "72620", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72620" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9312", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ 
{ "lang": "eng", "value": "Unrestricted File Upload vulnerability in Photo Gallery 1.2.5." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html" }, { "name": "72620", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72620" }, { "name": "http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9312", "datePublished": "2017-08-28T15:00:00", "dateReserved": "2014-12-07T00:00:00", "dateUpdated": "2024-08-06T13:40:24.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-1393
Vulnerability from cvelistv5
Published
2015-02-02 15:00
Modified
2024-08-06 04:40
Summary
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/archive/1/534569/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
https://plugins.trac.wordpress.org/changeset/1074134/photo-gallery | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:40:18.580Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20150128 [CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/534569/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/1074134/photo-gallery" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-01-28T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20150128 [CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/534569/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://plugins.trac.wordpress.org/changeset/1074134/photo-gallery" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-1393", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20150128 [CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534569/100/0/threaded" }, { "name": "https://plugins.trac.wordpress.org/changeset/1074134/photo-gallery", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/1074134/photo-gallery" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-1393", "datePublished": "2015-02-02T15:00:00", "dateReserved": "2015-01-27T00:00:00", "dateUpdated": "2024-08-06T04:40:18.580Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-1055
Vulnerability from cvelistv5
Published
2015-01-16 15:00
Modified
2024-09-16 16:38
Summary
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/72015 | vdb-entry, x_refsource_BID | |
http://seclists.org/fulldisclosure/2015/Jan/36 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:33:19.363Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "72015", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72015" }, { "name": "20150112 Wordpress Photo Gallery 1.2.7 unauthenticated SQL injection", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2015/Jan/36" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-01-16T15:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "72015", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72015" }, { "name": "20150112 Wordpress Photo Gallery 1.2.7 unauthenticated SQL injection", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2015/Jan/36" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-1055", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in the Photo 
Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "72015", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72015" }, { "name": "20150112 Wordpress Photo Gallery 1.2.7 unauthenticated SQL injection", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Jan/36" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-1055", "datePublished": "2015-01-16T15:00:00Z", "dateReserved": "2015-01-16T00:00:00Z", "dateUpdated": "2024-09-16T16:38:56.604Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-16118
Vulnerability from cvelistv5
Published
2019-09-08 22:49
Modified
2024-08-05 01:03
Summary
Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:03:32.643Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Options.php?old=2142624\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FOptions.php" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/js/bwg.js?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fjs%2Fbwg.js" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-11T00:06:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Options.php?old=2142624\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FOptions.php" }, { "tags": [ "x_refsource_MISC" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/js/bwg.js?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fjs%2Fbwg.js" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16118", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Options.php?old=2142624\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FOptions.php", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Options.php?old=2142624\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FOptions.php" }, { "name": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/js/bwg.js?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fjs%2Fbwg.js", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/js/bwg.js?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fjs%2Fbwg.js" }, { "name": "https://wpvulndb.com/vulnerabilities/9872", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "name": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16118", "datePublished": "2019-09-08T22:49:11", "dateReserved": "2019-09-08T00:00:00", "dateUpdated": "2024-08-05T01:03:32.643Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-1394
Vulnerability from cvelistv5
Published
2020-02-08 16:45
Modified
2024-08-06 04:40
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src, or (8) clipboard_dest parameters in an addImages action to wp-admin/admin-ajax.php.
References
▼ | URL | Tags |
---|---|---|
https://wordpress.org/plugins/photo-gallery/changelog/ | x_refsource_MISC | |
http://www.securityfocus.com/archive/1/archive/1/534568/100/0/threaded | x_refsource_MISC | |
https://plugins.trac.wordpress.org/changeset/1073334/ | x_refsource_MISC | |
https://plugins.trac.wordpress.org/changeset/1076678/photo-gallery | x_refsource_MISC | |
https://seclists.org/bugtraq/2015/Jan/140 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:40:18.584Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/changelog/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/534568/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/1073334/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/1076678/photo-gallery" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://seclists.org/bugtraq/2015/Jan/140" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-01-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src, or (8) clipboard_dest parameters in an addImages action to wp-admin/admin-ajax.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-02-08T16:45:44", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/changelog/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.securityfocus.com/archive/1/archive/1/534568/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "https://plugins.trac.wordpress.org/changeset/1073334/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://plugins.trac.wordpress.org/changeset/1076678/photo-gallery" }, { "tags": [ "x_refsource_MISC" ], "url": "https://seclists.org/bugtraq/2015/Jan/140" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-1394", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src, or (8) clipboard_dest parameters in an addImages action to wp-admin/admin-ajax.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/changelog/", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/changelog/" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/534568/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/534568/100/0/threaded" }, { "name": "https://plugins.trac.wordpress.org/changeset/1073334/", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/1073334/" }, { "name": "https://plugins.trac.wordpress.org/changeset/1076678/photo-gallery", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/1076678/photo-gallery" }, { "name": "https://seclists.org/bugtraq/2015/Jan/140", "refsource": "MISC", "url": "https://seclists.org/bugtraq/2015/Jan/140" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-1394", "datePublished": "2020-02-08T16:45:44", "dateReserved": "2015-01-27T00:00:00", "dateUpdated": "2024-08-06T04:40:18.584Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-14798
Vulnerability from cvelistv5
Published
2019-08-09 13:29
Modified
2024-08-05 00:26
Summary
The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter.
References
▼ | URL | Tags |
---|---|---|
https://wordpress.org/plugins/photo-gallery/#developers | x_refsource_MISC | |
https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/ | x_refsource_MISC | |
https://wpvulndb.com/vulnerabilities/9361 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:26:39.062Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/9361" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-13T08:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/9361" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-14798", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": 
"4.0", "description": { "description_data": [ { "lang": "eng", "value": "The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/", "refsource": "MISC", "url": "https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/" }, { "name": "https://wpvulndb.com/vulnerabilities/9361", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/9361" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-14798", "datePublished": "2019-08-09T13:29:40", "dateReserved": "2019-08-09T00:00:00", "dateUpdated": "2024-08-05T00:26:39.062Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1394
Vulnerability from cvelistv5
Published
2022-06-06 08:50
Modified
2024-08-03 00:03
Summary
The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high-privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.6.4 < 1.6.4 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:03:06.241Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "Unknown", "versions": [ { "lessThan": "1.6.4", "status": "affected", "version": "1.6.4", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "0ppr2s" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-06T08:50:56", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3" } ], "source": { "discovery": "EXTERNAL" }, "title": "Photo Gallery \u003c 1.6.4 - Admin+ Stored Cross-Site Scripting", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2022-1394", "STATE": "PUBLIC", "TITLE": "Photo Gallery \u003c 1.6.4 - Admin+ Stored Cross-Site Scripting" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.6.4", "version_value": "1.6.4" } ] } } ] }, "vendor_name": 
"Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "0ppr2s" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed" } ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-1394", "datePublished": "2022-06-06T08:50:56", "dateReserved": "2022-04-19T00:00:00", "dateUpdated": "2024-08-03T00:03:06.241Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-24310
Vulnerability from cvelistv5
Published
2021-06-01 11:33
Modified
2024-08-03 19:28
Summary
The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high-privilege users to create one containing an XSS payload, which is triggered when another user views the gallery list or the affected gallery in the admin dashboard. This is due to an incomplete fix of CVE-2019-16117.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
10Web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 1.5.67 < 1.5.67 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:28:23.379Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "10Web", "versions": [ { "lessThan": "1.5.67", "status": "affected", "version": "1.5.67", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "avolume" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery in the admin dashboard. 
This is due to an incomplete fix of CVE-2019-16117" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-01T11:33:29", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165" } ], "source": { "discovery": "UNKNOWN" }, "title": "Photo Gallery \u003c 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24310", "STATE": "PUBLIC", "TITLE": "Photo Gallery \u003c 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.5.67", "version_value": "1.5.67" } ] } } ] }, "vendor_name": "10Web" } ] } }, "credit": [ { "lang": "eng", "value": "avolume" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery in the admin dashboard. 
This is due to an incomplete fix of CVE-2019-16117" } ] }, "generator": "WPScan CVE Generator", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165", "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24310", "datePublished": "2021-06-01T11:33:29", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:28:23.379Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-46889
Vulnerability from cvelistv5
Published
2023-06-07 00:00
Modified
2024-08-04 05:17
Summary
The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693. This record names no vendor, product or fixed version (affected: n/a) and cites only a Packet Storm advisory, so confirm the patched release against the plugin changelog before treating "through 1.5.69" as the upper bound.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:17:42.869Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-07T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-46889", "datePublished": "2023-06-07T00:00:00", "dateReserved": "2023-06-07T00:00:00", "dateUpdated": "2024-08-04T05:17:42.869Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-16119
Vulnerability from cvelistv5
Published
2019-09-08 22:48
Modified
2024-08-05 01:10
Summary
SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter. The affected file is one of the plugin's admin controllers; the record does not state what privilege level is needed to reach it, so check the linked changeset and the wpvulndb entry before assuming the issue is reachable unauthenticated.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:10:39.955Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Albumsgalleries.php?old=1845136\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FAlbumsgalleries.php" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-11T00:06:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Albumsgalleries.php?old=1845136\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FAlbumsgalleries.php" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16119", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Albumsgalleries.php?old=1845136\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FAlbumsgalleries.php", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Albumsgalleries.php?old=1845136\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FAlbumsgalleries.php" }, { "name": "https://wpvulndb.com/vulnerabilities/9872", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "name": "http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16119", "datePublished": "2019-09-08T22:48:58", "dateReserved": "2019-09-08T00:00:00", "dateUpdated": "2024-08-05T01:10:39.955Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-9380
Vulnerability from cvelistv5
Published
2019-08-30 12:26
Modified
2024-08-06 08:51
Summary
The photo-gallery plugin before 1.2.42 for WordPress has a cross-site request forgery (CSRF) vulnerability. The record does not identify the affected action or the impact of a forged request; the linked wpvulndb entry and the WordPress support thread are the only detail available.
References
▼ | URL | Tags |
---|---|---|
https://wordpress.org/plugins/photo-gallery/#developers | x_refsource_MISC | |
https://wpvulndb.com/vulnerabilities/7225 | x_refsource_MISC | |
https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:51:05.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/7225" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The photo-gallery plugin before 1.2.42 for WordPress has CSRF." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-30T12:26:50", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/7225" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-9380", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The photo-gallery plugin before 1.2.42 for WordPress has CSRF." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "MISC", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://wpvulndb.com/vulnerabilities/7225", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/7225" }, { "name": "https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/", "refsource": "MISC", "url": "https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-9380", "datePublished": "2019-08-30T12:26:50", "dateReserved": "2019-08-29T00:00:00", "dateUpdated": "2024-08-06T08:51:05.280Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-9878
Vulnerability from cvelistv5
Published
2024-11-05 09:30
Modified
2024-11-05 13:29
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled: on a standard single-site install administrators already hold the unfiltered_html capability, so the injection gives them nothing they could not already do, which is why the CVSS vector carries PR:H and AC:H.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: * ≤ 1.8.30 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9878", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-05T13:29:40.386095Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-05T13:29:57.917Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "10web", "versions": [ { "lessThanOrEqual": "1.8.30", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "tmrswrr" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." 
} ], "metrics": [ { "cvssV3_1": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T09:30:58.925Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bfa1192b-34f5-4b71-8fff-14f2d4ac4aca?source=cve" }, { "url": "https://packetstormsecurity.com/files/179357/WordPress-Photo-Gallery-1.8.26-Cross-Site-Scripting.html" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3180567%40photo-gallery%2Ftrunk\u0026old=3171538%40photo-gallery%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file12" } ], "timeline": [ { "lang": "en", "time": "2024-11-04T21:24:54.000+00:00", "value": "Disclosed" } ], "title": "Photo Gallery by 10Web \u003c= 1.8.30 - Authenticated (Administrator+) Stored Cross-Site Scripting" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-9878", "datePublished": "2024-11-05T09:30:58.925Z", "dateReserved": "2024-10-11T18:12:37.932Z", "dateUpdated": "2024-11-05T13:29:57.917Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6924
Vulnerability from cvelistv5
Published
2024-01-11 08:32
Modified
2024-08-02 08:42
Summary
The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It can also be exploited by a user with only contributor-level permissions when a page builder plugin is installed, so the administrator-only framing should not be relied on for risk rating on sites running page builders.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: * ≤ 1.8.18 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:42:08.679Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21b4d1a1-55fe-4241-820c-203991d724c4?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/Widget.php#L94" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetSlideshow.php#L64" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetTags.php#L58" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3013021/photo-gallery" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "10web", "versions": [ { "lessThanOrEqual": "1.8.18", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Istv\u00e1n M\u00e1rton" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It can also be exploited with a contributor-level permission with a page builder plugin." 
} ], "metrics": [ { "cvssV3_1": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-11T08:32:29.092Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21b4d1a1-55fe-4241-820c-203991d724c4?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/Widget.php#L94" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetSlideshow.php#L64" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetTags.php#L58" }, { "url": "https://plugins.trac.wordpress.org/changeset/3013021/photo-gallery" } ], "timeline": [ { "lang": "en", "time": "2023-12-18T00:00:00.000+00:00", "value": "Discovered" }, { "lang": "en", "time": "2023-12-18T00:00:00.000+00:00", "value": "Vendor Notified" }, { "lang": "en", "time": "2023-12-21T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2023-6924", "datePublished": "2024-01-11T08:32:29.092Z", "dateReserved": "2023-12-18T15:13:08.984Z", "dateUpdated": "2024-08-02T08:42:08.679Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-5426
Vulnerability from cvelistv5
Published
2024-06-07 09:33
Modified
2024-08-01 21:11
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure Photo Gallery can be extended to contributors on pro versions of the plugin. The CVE title ("via Zipped SVG") and the cited source lines in filemanager/UploadHandler.php indicate the payload arrives as an SVG inside a zip archive uploaded through the plugin's file manager, so controls that only inspect direct SVG uploads may not cover this path.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: * ≤ 1.8.23 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-5426", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-07T18:26:21.886773Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-07T18:26:36.883Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:11:12.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13436238-f14a-445b-9a9b-fbcf23b7b498?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L521" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L542" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3098798/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "vendor": "10web", "versions": [ { "lessThanOrEqual": "1.8.23", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Tobias Wei\u00dfhaar" } ], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018svg\u2019 parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. 
This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure Photo Gallery can be extended to contributors on pro versions of the plugin." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-07T09:33:35.276Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13436238-f14a-445b-9a9b-fbcf23b7b498?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L521" }, { "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L542" }, { "url": "https://plugins.trac.wordpress.org/changeset/3098798/" } ], "timeline": [ { "lang": "en", "time": "2024-06-06T21:15:26.000+00:00", "value": "Disclosed" } ], "title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Zipped SVG" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-5426", "datePublished": "2024-06-07T09:33:35.276Z", "dateReserved": "2024-05-27T19:35:22.878Z", "dateUpdated": "2024-08-01T21:11:12.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-14313
Vulnerability from cvelistv5
Published
2019-07-30 17:31
Modified
2024-08-05 00:12
Summary
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php. The record does not state whether authentication is required or which parameter is injectable; see the FortiGuard and wpvulndb references for the reported preconditions.
References
▼ | URL | Tags |
---|---|---|
https://wordpress.org/plugins/photo-gallery/#developers | x_refsource_CONFIRM | |
https://plugins.trac.wordpress.org/changeset/2128378 | x_refsource_CONFIRM | |
https://fortiguard.com/zeroday/FG-VD-19-101 | x_refsource_MISC | |
https://wpvulndb.com/vulnerabilities/9480 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:12:43.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2128378" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://fortiguard.com/zeroday/FG-VD-19-101" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/9480" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-13T16:06:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://plugins.trac.wordpress.org/changeset/2128378" }, { "tags": [ "x_refsource_MISC" ], "url": "https://fortiguard.com/zeroday/FG-VD-19-101" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/9480" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-14313", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://wordpress.org/plugins/photo-gallery/#developers", "refsource": "CONFIRM", "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "name": "https://plugins.trac.wordpress.org/changeset/2128378", "refsource": "CONFIRM", "url": "https://plugins.trac.wordpress.org/changeset/2128378" }, { "name": "https://fortiguard.com/zeroday/FG-VD-19-101", "refsource": "MISC", "url": "https://fortiguard.com/zeroday/FG-VD-19-101" }, { "name": "https://wpvulndb.com/vulnerabilities/9480", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/9480" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-14313", "datePublished": "2019-07-30T17:31:06", "dateReserved": "2019-07-27T00:00:00", "dateUpdated": "2024-08-05T00:12:43.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-24139
Vulnerability from cvelistv5
Published
2021-03-18 14:57
Modified
2024-08-03 19:21
Summary
Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the frontend/models/model.php bwg_search_x parameter. The parameter is processed by front-end code and the WPScan title classifies the issue as unauthenticated SQL injection, so it is reachable without a WordPress account and should be prioritised accordingly.
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Photo Gallery by 10Web |
Version: 1.5.55 < 1.5.55 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:18.629Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Photo Gallery by 10Web", "vendor": "Unknown", "versions": [ { "lessThan": "1.5.55", "status": "affected", "version": "1.5.55", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Nguyen Anh Tien - SunCSR (Sun* Cyber Security Research)" } ], "descriptions": [ { "lang": "en", "value": "Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the frontend/models/model.php bwg_search_x parameter." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89 SQL Injection", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-18T14:57:49", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28" } ], "source": { "discovery": "UNKNOWN" }, "title": "Photo Gallery by 10Web \u003c 1.5.55 - Unauthenticated SQL Injection", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24139", "STATE": "PUBLIC", "TITLE": "Photo Gallery by 10Web \u003c 1.5.55 - Unauthenticated SQL Injection" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Photo Gallery by 10Web", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "1.5.55", "version_value": "1.5.55" } ] } } ] }, "vendor_name": "Unknown" } ] } }, "credit": [ { "lang": "eng", "value": "Nguyen Anh Tien - 
SunCSR (Sun* Cyber Security Research)" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the frontend/models/model.php bwg_search_x parameter." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-89 SQL Injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24139", "datePublished": "2021-03-18T14:57:49", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:21:18.629Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2019-09-08 23:15
Modified
2024-11-21 04:30
Summary
Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php. NVD scores it CVSS 3.1 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N), i.e. no privileges required but victim interaction needed, which points to a reflected vector that an attacker must presumably get a logged-in admin user to trigger; the linked changeset also touches js/bwg.js, so the fix is not confined to the PHP controller.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "2E60198F-76D7-43B9-8513-3653D5A9835A", "versionEndExcluding": "1.5.35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php." }, { "lang": "es", "value": "Secuencias de comandos de sitios cruzados (XSS) en el plugin de galer\u00eda de fotos (10Web Photo Gallery) anterior de la versi\u00f3n 1.5.35 para WordPress existe a trav\u00e9s de admin / controllers / Options.php." } ], "id": "CVE-2019-16118", "lastModified": "2024-11-21T04:30:05.093", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-08T23:15:10.140", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" 
], "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Options.php?old=2142624\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FOptions.php" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/js/bwg.js?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fjs%2Fbwg.js" }, { "source": "cve@mitre.org", "tags": [ "Product" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Options.php?old=2142624\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FOptions.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/js/bwg.js?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fjs%2Fbwg.js" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9872" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-03-18 15:15
Modified
2024-11-21 05:52
Severity ?
Summary
Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the bwg_search_x parameter handled in frontend/models/model.php.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "1AAC8C97-FA5C-4909-99C9-609A81F0CF91", "versionEndExcluding": "1.5.55", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the frontend/models/model.php bwg_search_x parameter." }, { "lang": "es", "value": "Una entrada no comprobada en el plugin Photo Gallery de WordPress (10Web Photo Gallery), versiones anteriores a 1.5.55, conlleva a una inyecci\u00f3n SQL por medio del par\u00e1metro bwg_search_x en el archivo frontend/models/model.php" } ], "id": "CVE-2021-24139", "lastModified": "2024-11-21T05:52:26.997", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-18T15:15:14.900", "references": [ { "source": 
"contact@wpscan.com", "tags": [ "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/2e33088e-7b93-44af-aa6a-e5d924f86e28" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "contact@wpscan.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-08-28 15:29
Modified
2024-11-21 02:20
Severity ?
Summary
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
cve@mitre.org | http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securityfocus.com/bid/72620 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72620 | Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | 1.2.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:1.2.5:*:*:*:*:wordpress:*:*", "matchCriteriaId": "206A726B-FF80-444B-91A0-E92AEB66AF42", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unrestricted File Upload vulnerability in Photo Gallery 1.2.5." }, { "lang": "es", "value": "Existe una vulnerabilidad de subida de archivos sin restricciones en Photo Gallery 1.2.5." } ], "id": "CVE-2014-9312", "lastModified": "2024-11-21T02:20:36.230", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-28T15:29:00.640", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": 
"http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/130104/Photo-Gallery-1.2.5-Shell-Upload.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/130384/WordPress-Photo-Gallery-1.2.5-Unrestricted-File-Upload.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72620" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-434" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-05-02 16:15
Modified
2024-11-21 06:40
Severity ?
Summary
The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET['image_url'] variable, which is reflected back to the users when executing the editimage_bwg AJAX action.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "EB372C7D-A626-46E2-8E01-89C6D2AF5C74", "versionEndExcluding": "1.6.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET[\u0027image_url\u0027] variable, which is reflected back to the users when executing the editimage_bwg AJAX action." }, { "lang": "es", "value": "El plugin Photo Gallery by 10Web de WordPress versiones anteriores a 1.6.3, no sanea apropiadamente la variable $_GET[\"image_url\"], que es reflejada en usuarios cuando es ejecutada la acci\u00f3n AJAX editimage_bwg" } ], "id": "CVE-2022-1282", "lastModified": "2024-11-21T06:40:24.420", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-05-02T16:15:09.133", "references": [ { "source": 
"contact@wpscan.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2706798%40photo-gallery\u0026old=2694928%40photo-gallery\u0026sfp_email=\u0026sfph_mail=" }, { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/37a58f4e-d2bc-4825-8e1b-4aaf0a1cf1b6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2706798%40photo-gallery\u0026old=2694928%40photo-gallery\u0026sfp_email=\u0026sfph_mail=" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/37a58f4e-d2bc-4825-8e1b-4aaf0a1cf1b6" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-02-05 22:15
Modified
2024-11-21 08:46
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "66A6F0D1-8EBF-4862-9BAF-DDCB55232FCE", "versionEndExcluding": "1.8.20", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors." }, { "lang": "es", "value": "El complemento Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 1.8.19 incluida, a trav\u00e9s de la funci\u00f3n rename_item. Esto hace posible que atacantes autenticados cambien el nombre de archivos arbitrarios en el servidor. Esto puede provocar adquisiciones de sitios si se puede cambiar el nombre del archivo wp-config.php de un sitio. De forma predeterminada, esto s\u00f3lo puede ser aprovechado por los administradores. En la versi\u00f3n premium del complemento, los administradores pueden otorgar permisos de administraci\u00f3n de la galer\u00eda a usuarios de niveles inferiores, lo que podr\u00eda hacer que esto sea explotable por usuarios tan bajos como los contribuyentes." 
} ], "id": "CVE-2024-0221", "lastModified": "2024-11-21T08:46:05.567", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security@wordfence.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-02-05T22:15:59.297", "references": [ { "source": "security@wordfence.com", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L291" }, { "source": "security@wordfence.com", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L441" }, { "source": "security@wordfence.com", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3022981%40photo-gallery%2Ftrunk\u0026old=3013021%40photo-gallery%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" }, { "source": "security@wordfence.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8fad-202bfc8a9918?source=cve" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" 
], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L441" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3022981%40photo-gallery%2Ftrunk\u0026old=3013021%40photo-gallery%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8fad-202bfc8a9918?source=cve" } ], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-06-07 14:15
Modified
2024-11-21 06:34
Severity ?
Summary
The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html | Exploit, Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "E4C069B0-4C43-45BA-8AD2-D6DDAE195A70", "versionEndIncluding": "1.5.69", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693." } ], "id": "CVE-2021-46889", "lastModified": "2024-11-21T06:34:51.703", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-06-07T14:15:09.640", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-06-08 10:15
Modified
2024-11-21 06:40
Severity ?
Summary
The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high-privilege users such as administrators to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "1CEDD8CE-F7A7-4665-AFE9-D3EEC67E4095", "versionEndExcluding": "1.6.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed" }, { "lang": "es", "value": "El plugin Photo Gallery by 10Web de WordPress versiones anteriores a 1.6.4, no comprueba ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con altos privilegios, como los administradores, llevar a cabo ataques de tipo Cross-Site Scripting cuando unfiltered_html no est\u00e1 permitido" } ], "id": "CVE-2022-1394", "lastModified": "2024-11-21T06:40:38.600", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, 
"impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-06-08T10:15:09.347", "references": [ { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-08-21 01:29
Modified
2024-11-21 03:10
Severity ?
Summary
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL | Third Party Advisory | |
cve@mitre.org | https://wordpress.org/plugins/photo-gallery/#developers | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/photo-gallery/#developers | Release Notes, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "1AFD1FF6-9EA4-469A-8933-8C9358C0E75E", "versionEndIncluding": "1.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Web-Dorado \"Photo Gallery by WD - Responsive Photo Gallery\" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter." }, { "lang": "es", "value": "El plugin \"Photo Gallery by WD - Responsive Photo Gallery\" de Web-Dorado en su versi\u00f3n 1.3.51 para WordPress tiene una vulnerabilidad de inyecci\u00f3n SQL que afecta a bwg_edit_tag() en photo-gallery.php y a edit_tag() en admin/controllers/BWGControllerTags_bwg.php. Los administradores lo podr\u00edan explotar mediante el par\u00e1metro tag_id." 
} ], "id": "CVE-2017-12977", "lastModified": "2024-11-21T03:10:34.167", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-21T01:29:00.547", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": 
"nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-07-30 18:15
Modified
2024-11-21 04:26
Severity ?
Summary
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "65A6476E-3369-46E2-9D79-7B2A758FC90B", "versionEndExcluding": "1.5.31", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n SQL en el plugin 10Web Photo Gallery anterior a versi\u00f3n 1.5.31 para WordPress. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad permitir\u00eda a un atacante remoto ejecutar comandos SQL arbitrarios en el sistema afectado por medio del archivo filemanager/model.php." } ], "id": "CVE-2019-14313", "lastModified": "2024-11-21T04:26:28.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": 
"3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-07-30T18:15:16.413", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://fortiguard.com/zeroday/FG-VD-19-101" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2128378" }, { "source": "cve@mitre.org", "tags": [ "Release Notes" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9480" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://fortiguard.com/zeroday/FG-VD-19-101" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2128378" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9480" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-06-07 10:15
Modified
2024-11-21 09:47
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure Photo Gallery can be extended to contributors on pro versions of the plugin.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "974320E7-18AE-4738-BE29-52AF8BDA52EE", "versionEndExcluding": "1.8.24", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018svg\u2019 parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure Photo Gallery can be extended to contributors on pro versions of the plugin." }, { "lang": "es", "value": "El complemento Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro \u0027svg\u0027 en todas las versiones hasta la 1.8.23 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. De forma predeterminada, esto solo puede ser aprovechado por los administradores, pero la capacidad de usar y configurar la Galer\u00eda fotogr\u00e1fica se puede extender a los contribuyentes en las versiones profesionales del complemento." 
} ], "id": "CVE-2024-5426", "lastModified": "2024-11-21T09:47:37.890", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-06-07T10:15:11.627", "references": [ { "source": "security@wordfence.com", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L521" }, { "source": "security@wordfence.com", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L542" }, { "source": "security@wordfence.com", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/3098798/" }, { "source": "security@wordfence.com", "tags": [ "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13436238-f14a-445b-9a9b-fbcf23b7b498?source=cve" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L521" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ 
"Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/3098798/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13436238-f14a-445b-9a9b-fbcf23b7b498?source=cve" } ], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-02-25 17:15
Modified
2024-11-21 05:40
Severity ?
Summary
Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 for WordPress. Successful exploitation of this vulnerability would allow an authenticated admin user to inject arbitrary JavaScript code that is viewed by other users.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://wordpress.org/plugins/photo-gallery/#developers | Release Notes, Third Party Advisory | |
cve@mitre.org | https://wpvulndb.com/vulnerabilities/10088 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/photo-gallery/#developers | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpvulndb.com/vulnerabilities/10088 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "B4C1EBAD-AF87-4A00-B17E-171AD6FEAE98", "versionEndExcluding": "1.5.46", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de tipo XSS almacenado se presentan en el plugin 10Web Photo Gallery versiones anteriores a 1.5.46 en WordPress. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad permitir\u00eda a un usuario administrador autentificado inyectar c\u00f3digo JavaScript arbitrario que es visualizado por otros usuarios." } ], "id": "CVE-2020-9335", "lastModified": "2024-11-21T05:40:25.973", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, 
"exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-02-25T17:15:13.650", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/10088" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/10088" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-02-08 17:15
Modified
2024-11-21 02:25
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src, or (8) clipboard_dest parameters in an addImages action to wp-admin/admin-ajax.php.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "190DD3A7-3F0A-4EEE-BEE0-C6907F00884D", "versionEndExcluding": "1.2.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src, or (8) clipboard_dest parameters in an addImages action to wp-admin/admin-ajax.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de tipo cross-site scripting (XSS) en el plugin Photo Gallery versiones anteriores a 1.2.11 para WordPress, permiten a usuarios autenticados remotos inyectar script web o HTML arbitrario por medio de los par\u00e1metros (1) sort_by, (2) sort_order, (3) items_view, (4 ) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src o (8) clipboard_dest en una acci\u00f3n addImages en el archivo wp-admin/admin-ajax.php." 
} ], "id": "CVE-2015-1394", "lastModified": "2024-11-21T02:25:20.413", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-02-08T17:15:11.340", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/archive/1/534568/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/1073334/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/1076678/photo-gallery" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2015/Jan/140" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/changelog/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third 
Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/archive/1/534568/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/1073334/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/1076678/photo-gallery" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2015/Jan/140" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/changelog/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-08-30 13:15
Modified
2024-11-21 02:40
Severity ?
Summary
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://wordpress.org/plugins/photo-gallery/#developers | Product, Third Party Advisory | |
cve@mitre.org | https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/ | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://wpvulndb.com/vulnerabilities/7225 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/photo-gallery/#developers | Product, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/ | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpvulndb.com/vulnerabilities/7225 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "2EFBA0A5-C377-4521-B30C-59752CE1B381", "versionEndExcluding": "1.2.42", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The photo-gallery plugin before 1.2.42 for WordPress has CSRF." }, { "lang": "es", "value": "El plugin photo-gallery anterior a la versi\u00f3n 1.2.42 para WordPress tiene CSRF." } ], "id": "CVE-2015-9380", "lastModified": "2024-11-21T02:40:29.477", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-08-30T13:15:11.170", "references": [ { "source": "cve@mitre.org", "tags": [ "Product", "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": 
"https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/7225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/7225" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-06-01 14:15
Modified
2024-11-21 05:52
Severity ?
Summary
The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high-privilege users to create one with an XSS payload in it, which will be triggered when another user views the gallery list or the affected gallery in the admin dashboard. This is due to an incomplete fix of CVE-2019-16117.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "70A1E6F4-4538-4B48-BDEB-3150451DFC51", "versionEndExcluding": "1.5.67", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery in the admin dashboard. This is due to an incomplete fix of CVE-2019-16117" }, { "lang": "es", "value": "El plugin de WordPress Photo Gallery by 10Web - Mobile-Friendly Image Gallery versiones anteriores a 1.5.67, no saneaba apropiadamente el t\u00edtulo de la galer\u00eda, permitiendo a usuarios muy privilegiados crear uno con carga \u00fatil de tipo XSS, el cual se desencadenar\u00e1 cuando otro usuario visualice la lista de la galer\u00eda o la galer\u00eda afectada en el panel de administraci\u00f3n. 
Esto es debido a una correci\u00f3n incompleta de CVE-2019-16117" } ], "id": "CVE-2021-24310", "lastModified": "2024-11-21T05:52:49.013", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-06-01T14:15:08.823", "references": [ { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-12-19 14:15
Modified
2024-11-21 07:34
Severity ?
Summary
The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in JS code later on in another page, which could lead to a Stored XSS issue when an attacker makes a logged-in admin open a malicious URL or page under their control.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "32E0F285-25BF-44DE-A0CB-1F160BE55385", "versionEndExcluding": "1.8.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control." }, { "lang": "es", "value": "El complemento Photo Gallery de 10Web para WordPress anterior a 1.8.3 no valida ni escapa algunos par\u00e1metros antes de volver a generarlos en c\u00f3digo JS m\u00e1s adelante en otra p\u00e1gina, lo que podr\u00eda provocar un problema de XSS almacenado cuando un atacante hace que un administrador que ha iniciado sesi\u00f3n abra un archivo malicioso, URL o p\u00e1gina bajo su control." 
} ], "id": "CVE-2022-4058", "lastModified": "2024-11-21T07:34:31.580", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-12-19T14:15:11.920", "references": [ { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/89656cb3-4611-4ae7-b7f8-1b22eb75cfc4" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified" }
Vulnerability from fkie_nvd
Published
2019-08-09 14:15
Modified
2024-11-21 04:27
Severity ?
Summary
The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://wordpress.org/plugins/photo-gallery/#developers | Third Party Advisory | |
cve@mitre.org | https://wpvulndb.com/vulnerabilities/9361 | Third Party Advisory | |
cve@mitre.org | https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/photo-gallery/#developers | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpvulndb.com/vulnerabilities/9361 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/ | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "50557D27-CCDC-4F3D-91A1-36F4E42E70DE", "versionEndExcluding": "1.5.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter." }, { "lang": "es", "value": "El plugin 10Web Photo Gallery en versiones anteriores a 1.5.25 para WordPress, presenta una Inclusi\u00f3n de Archivos Locales Autenticada por medio de un salto de directorio en el par\u00e1metro wp-admin/admin-ajax.php?action=shortcode_bwg tagtext." } ], "id": "CVE-2019-14798", "lastModified": "2024-11-21T04:27:22.710", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-08-09T14:15:11.757", "references": 
[ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9361" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9361" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://www.pluginvulnerabilities.com/2019/05/14/authenticated-local-file-inclusion-lfi-vulnerability-in-photo-gallery-by-10web/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-11-05 10:21
Modified
2024-11-08 15:25
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "9F46FE72-6A51-4652-B150-FE2009752353", "versionEndExcluding": "1.8.31", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." }, { "lang": "es", "value": "El complemento Photo Gallery de 10Web \u2013 Mobile-Friendly Image Gallery para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 1.8.30 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con permisos de nivel de administrador o superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a instalaciones multisitio e instalaciones en las que se ha deshabilitado unfiltered_html." 
} ], "id": "CVE-2024-9878", "lastModified": "2024-11-08T15:25:45.930", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-11-05T10:21:16.540", "references": [ { "source": "security@wordfence.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://packetstormsecurity.com/files/179357/WordPress-Photo-Gallery-1.8.26-Cross-Site-Scripting.html" }, { "source": "security@wordfence.com", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3180567%40photo-gallery%2Ftrunk\u0026old=3171538%40photo-gallery%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file12" }, { "source": "security@wordfence.com", "tags": [ "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bfa1192b-34f5-4b71-8fff-14f2d4ac4aca?source=cve" } ], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security@wordfence.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-08-09 14:15
Modified
2024-11-21 04:27
Severity ?
Summary
The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://wordpress.org/plugins/photo-gallery/#developers | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/photo-gallery/#developers | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "A0A3F6A5-C8F2-437F-B9F4-8FA69B461843", "versionEndExcluding": "1.5.23", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS." }, { "lang": "es", "value": "El plugin 10Web Photo Gallery en versiones anteriores a 1.5.23 para WordPress, presenta una vulnerabilidad de tipo XSS almacenado autenticado." } ], "id": "CVE-2019-14797", "lastModified": "2024-11-21T04:27:22.553", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-08-09T14:15:11.693", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party 
Advisory" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-16 11:15
Modified
2024-11-21 05:52
Severity ?
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "D07C4188-B7D7-4DF7-ADF1-B1088C5B3147", "versionEndExcluding": "1.5.75", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector" }, { "lang": "es", "value": "El plugin de WordPress Photo Gallery by 10Web - Mobile-Friendly Image Gallery versiones anteriores a 1.5.75, no aseguraba que los archivos subidos se mantuvieran dentro de su carpeta uploads, permitiendo a usuarios con altos privilegios poner im\u00e1genes/SVG en cualquier parte del sistema de archivos por medio de un vector de salto de ruta." } ], "id": "CVE-2021-24363", "lastModified": "2024-11-21T05:52:55.143", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", 
"version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-16T11:15:08.000", "references": [ { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/1628935f-1d7d-4609-b7a9-e5526499c974" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-05-14 12:15
Modified
2024-11-21 05:52
Severity ?
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users).
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://packetstormsecurity.com/files/162227/ | Exploit, Third Party Advisory, VDB Entry | |
contact@wpscan.com | https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://packetstormsecurity.com/files/162227/ | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "CE31ABA2-4259-4A3B-8163-5571D7D9539C", "versionEndExcluding": "1.5.69", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users)" }, { "lang": "es", "value": "El plugin de WordPress The Photo Gallery by 10Web - Mobile-Friendly Image Gallery, versiones anteriores a 1.5.69, era vulnerable a problemas de tipo cross-site scripting (XSS) reflejado mediante los par\u00e1metros GET gallery_id, tag, album_id y _id pasados ??en la acci\u00f3n AJAX bwg_frontend_data (disponible para usuarios autenticados y no autenticados)" } ], "id": "CVE-2021-24291", "lastModified": "2024-11-21T05:52:46.520", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", 
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-05-14T12:15:08.523", "references": [ { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://packetstormsecurity.com/files/162227/" }, { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://packetstormsecurity.com/files/162227/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-19 19:29
Modified
2024-11-21 02:27
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://fortiguard.com/zeroday/FG-VD-15-009 | Third Party Advisory | |
cve@mitre.org | https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt | Product, Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/zeroday/FG-VD-15-009 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt | Product, Release Notes |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "F06A8283-48C2-44E8-91A1-9837AF3D426D", "versionEndExcluding": "1.2.13", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad Cross-Site Scripting (XSS) en filemanager en las versiones anteriores a la 1.2.13 del plugin Photo Gallery para WordPress permite que los usuarios autenticados remotos con permiso de edici\u00f3n inyecten scripts web o HTML arbitrarios mediante vectores no especificados." } ], "id": "CVE-2015-2324", "lastModified": "2024-11-21T02:27:13.003", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", 
"type": "Primary" } ] }, "published": "2018-02-19T19:29:00.420", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://fortiguard.com/zeroday/FG-VD-15-009" }, { "source": "cve@mitre.org", "tags": [ "Product", "Release Notes" ], "url": "https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://fortiguard.com/zeroday/FG-VD-15-009" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Release Notes" ], "url": "https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-04-17 13:15
Modified
2025-02-06 16:15
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "9CABF93C-D672-4711-AA74-F220C571EED2", "versionEndExcluding": "1.8.15", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector." } ], "id": "CVE-2023-1427", "lastModified": "2025-02-06T16:15:32.867", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2023-04-17T13:15:38.440", "references": [ { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": 
"https://wpscan.com/vulnerability/c8917ba2-4cb3-4b09-8a49-b7c612254946" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified" }
Vulnerability from fkie_nvd
Published
2022-03-14 15:15
Modified
2024-11-21 06:38
Severity ?
Summary
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9 | Patch, Release Notes, Third Party Advisory | |
contact@wpscan.com | https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9 | Patch, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "78E10837-43D8-4EB9-B851-4454B231ECAF", "versionEndExcluding": "1.6.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection" }, { "lang": "es", "value": "El plugin Photo Gallery by 10Web de WordPress versiones anteriores a 1.6.0, no comprueba ni escapa del par\u00e1metro bwg_tag_id_bwg_thumbnails_0 antes de usarlo en una sentencia SQL por medio de la acci\u00f3n AJAX bwg_frontend_data (disponible para usuarios autenticados y no autenticados), conllevando a una inyecci\u00f3n SQL no autenticada" } ], "id": "CVE-2022-0169", "lastModified": "2024-11-21T06:38:03.740", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-03-14T15:15:09.570", "references": [ { "source": "contact@wpscan.com", "tags": [ "Patch", "Release Notes", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9" }, { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Release Notes", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-06-07 10:15
Modified
2024-11-21 09:47
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "974320E7-18AE-4738-BE29-52AF8BDA52EE", "versionEndExcluding": "1.8.24", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors." }, { "lang": "es", "value": "El complemento Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery para WordPress es vulnerable a Path Traversal en todas las versiones hasta la 1.8.23 incluida a trav\u00e9s de la funci\u00f3n esc_dir. Esto hace posible que atacantes autenticados corten y peguen (copien) el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial, y corten (eliminen) directorios arbitrarios, incluido el directorio ra\u00edz de WordPress. De forma predeterminada, esto s\u00f3lo puede ser aprovechado por los administradores. En la versi\u00f3n premium del complemento, los administradores pueden otorgar permisos de edici\u00f3n de la galer\u00eda a usuarios de niveles inferiores, lo que podr\u00eda hacer que esto sea explotable por usuarios tan bajos como contribuyentes." 
} ], "id": "CVE-2024-5481", "lastModified": "2024-11-21T09:47:45.877", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 5.2, "source": "security@wordfence.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-06-07T10:15:11.827", "references": [ { "source": "security@wordfence.com", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178" }, { "source": "security@wordfence.com", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436" }, { "source": "security@wordfence.com", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512" }, { "source": "security@wordfence.com", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/3098798/" }, { "source": "security@wordfence.com", "tags": [ "Product", "Release Notes" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "security@wordfence.com", "tags": [ "Third Party Advisory" ], "url": 
"https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/3098798/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Release Notes" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve" } ], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-01-16 15:59
Modified
2024-11-21 02:24
Severity ?
Summary
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | 1.2.7 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:1.2.7:*:*:*:*:wordpress:*:*", "matchCriteriaId": "40C97375-7FD3-44F8-BB4D-DCEDC92743E1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en el plugin Photo Gallery 1.2.7 para WordPress permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro order_by en una acci\u00f3n GalleryBox en wp-admin/admin-ajax.php." } ], "id": "CVE-2015-1055", "lastModified": "2024-11-21T02:24:33.553", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-01-16T15:59:05.030", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Jan/36" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72015" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Jan/36" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72015" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": 
"Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-05-02 16:15
Modified
2024-11-21 06:40
Severity ?
Summary
The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "58E63EC8-8A75-4455-8127-949EA348B4E4", "versionEndIncluding": "1.6.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST[\u0027filter_tag\u0027] parameter, which is appended to an SQL query, making SQL Injection attacks possible." }, { "lang": "es", "value": "El plugin Photo Gallery de WordPress versiones hasta 1.6.3, no escapa apropiadamente del par\u00e1metro $_POST[\"filter_tag\"], que es anexado a una consulta SQL, haciendo posible ataques de inyecci\u00f3n SQL" } ], "id": "CVE-2022-1281", "lastModified": "2024-11-21T06:40:24.300", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-05-02T16:15:09.073", "references": [ { "source": "contact@wpscan.com", 
"tags": [ "Patch", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/2706797/photo-gallery/trunk/frontend/models/BWGModelGalleryBox.php?old=2587758\u0026old_path=photo-gallery%2Ftrunk%2Ffrontend%2Fmodels%2FBWGModelGalleryBox.php" }, { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/2b4866f2-f511-41c6-8135-cf1e0263d8de" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/2706797/photo-gallery/trunk/frontend/models/BWGModelGalleryBox.php?old=2587758\u0026old_path=photo-gallery%2Ftrunk%2Ffrontend%2Fmodels%2FBWGModelGalleryBox.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/2b4866f2-f511-41c6-8135-cf1e0263d8de" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-08-16 11:15
Modified
2024-11-21 05:52
Severity ?
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files added to a gallery do not contain malicious content. As a result, users allowed to add images to a gallery can upload an SVG file containing JavaScript code, which will be executed when the image is accessed directly (i.e. in the /wp-content/uploads/photo-gallery/ folder), leading to a Cross-Site Scripting (XSS) issue.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "D07C4188-B7D7-4DF7-ADF1-B1088C5B3147", "versionEndExcluding": "1.5.75", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files added to a gallery do not contain malicious content. As a result, users allowed to add images to gallery can upload an SVG file containing JavaScript code, which will be executed when accessing the image directly (ie in the /wp-content/uploads/photo-gallery/ folder), leading to a Cross-Site Scripting (XSS) issue" }, { "lang": "es", "value": "El plugin de WordPress Photo Gallery by 10Web - Mobile-Friendly Image Gallery versiones anteriores a 1.5.75, no aseguraba que los archivos SVG cargados y a\u00f1adidos a una galer\u00eda no contuvieran contenido malicioso. 
Como resultado, unos usuarios autorizados a a\u00f1adir im\u00e1genes a la galer\u00eda pueden subir un archivo SVG que contenga c\u00f3digo JavaScript, que ser\u00e1 ejecutado cuando se acceda a la imagen directamente (es decir, en la carpeta /wp-content/uploads/photo-gallery/), conllevando a un problema de tipo Cross-Site Scripting (XSS)" } ], "id": "CVE-2021-24362", "lastModified": "2024-11-21T05:52:55.030", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-16T11:15:07.857", "references": [ { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/57823dcb-2149-47f7-aae2-d9f04dce851a" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", 
"value": "CWE-79" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-01-11 09:15
Modified
2024-11-21 08:44
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It can also be exploited with contributor-level permissions when a page builder plugin is in use.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "10B19669-9D27-48C6-8C4E-A88EB50F5EB4", "versionEndIncluding": "1.8.18", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It can also be exploited with a contributor-level permission with a page builder plugin." }, { "lang": "es", "value": "El complemento Photo Gallery de 10Web para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s de widgets en versiones hasta la 1.8.18 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de administrador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Tambi\u00e9n se puede explotar con un permiso de nivel de colaborador con un complemento de creaci\u00f3n de p\u00e1ginas." 
} ], "id": "CVE-2023-6924", "lastModified": "2024-11-21T08:44:50.747", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-01-11T09:15:53.253", "references": [ { "source": "security@wordfence.com", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/Widget.php#L94" }, { "source": "security@wordfence.com", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetSlideshow.php#L64" }, { "source": "security@wordfence.com", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetTags.php#L58" }, { "source": "security@wordfence.com", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/3013021/photo-gallery" }, { "source": "security@wordfence.com", "tags": [ "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21b4d1a1-55fe-4241-820c-203991d724c4?source=cve" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/Widget.php#L94" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetSlideshow.php#L64" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetTags.php#L58" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/3013021/photo-gallery" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21b4d1a1-55fe-4241-820c-203991d724c4?source=cve" } ], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-08 23:15
Modified
2024-11-21 04:30
Severity ?
Summary
Cross-site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "2E60198F-76D7-43B9-8513-3653D5A9835A", "versionEndExcluding": "1.5.35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php." }, { "lang": "es", "value": "Secuencias de comandos de sitios cruzados (XSS) en el complemento de galer\u00eda de fotos (10Web Photo Gallery) anterior de la versi\u00f3n 1.5.35 para WordPress existe a trav\u00e9s de admin / models / Galleries.php." } ], "id": "CVE-2019-16117", "lastModified": "2024-11-21T04:30:04.947", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-08T23:15:10.047", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], 
"url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/models/Galleries.php?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fmodels%2FGalleries.php" }, { "source": "cve@mitre.org", "tags": [ "Product" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154433/WordPress-Photo-Gallery-1.5.34-Cross-Site-Scripting.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/models/Galleries.php?old=2135029\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fmodels%2FGalleries.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9872" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-08 23:15
Modified
2024-11-21 04:30
Severity ?
Summary
SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "2E60198F-76D7-43B9-8513-3653D5A9835A", "versionEndExcluding": "1.5.35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter." }, { "lang": "es", "value": "La inyecci\u00f3n SQL en el plugin de galer\u00eda de fotos (10Web Photo Gallery) en versiones anteriores a la 1.5.35 para WordPress existe a trav\u00e9s del par\u00e1metro admin/controllers/Albumsgalleries.php album_id." } ], "id": "CVE-2019-16119", "lastModified": "2024-11-21T04:30:05.263", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-08T23:15:10.203", "references": [ { "source": "cve@mitre.org", "tags": [ "Third 
Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Albumsgalleries.php?old=1845136\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FAlbumsgalleries.php" }, { "source": "cve@mitre.org", "tags": [ "Product" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Albumsgalleries.php?old=1845136\u0026old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FAlbumsgalleries.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://wordpress.org/plugins/photo-gallery/#developers" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/9872" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-02 15:59
Modified
2024-11-21 02:25
Severity ?
Summary
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "73F8040E-CFA9-4B34-B209-2E35A597DDCE", "versionEndIncluding": "1.2.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en el plugin Photo Gallery anterior a 1.2.11 para WordPress permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro asc_or_desc en una solicitud para crear galer\u00eda en la p\u00e1gina galleries_bwg en wp-admin/admin.php." } ], "id": "CVE-2015-1393", "lastModified": "2024-11-21T02:25:20.273", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-02T15:59:07.160", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/534569/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://plugins.trac.wordpress.org/changeset/1074134/photo-gallery" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.securityfocus.com/archive/1/534569/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://plugins.trac.wordpress.org/changeset/1074134/photo-gallery" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-06 16:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerable to Reflected Cross-Site Scripting (XSS) issues via the bwg_album_breadcrumb_0 and shortcode_id GET parameters passed to the bwg_frontend_data AJAX action.
References
▼ | URL | Tags | |
---|---|---|---|
contact@wpscan.com | https://plugins.trac.wordpress.org/changeset/2467205 | Patch, Third Party Advisory | |
contact@wpscan.com | https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://plugins.trac.wordpress.org/changeset/2467205 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
10web | photo_gallery | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "12AD1A02-8395-4255-AA00-E6B7E472C754", "versionEndExcluding": "1.5.68", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerable to Reflected Cross-Site Scripting (XSS) issues via the bwg_album_breadcrumb_0 and shortcode_id GET parameters passed to the bwg_frontend_data AJAX action" }, { "lang": "es", "value": "El plugin Photo Gallery by 10Web de WordPress versiones anteriores a 1.5.68, es vulnerable a problemas de tipo Cross-Site Scripting (XSS) Reflejado por medio de los par\u00e1metros GET bwg_album_breadcrumb_0 y shortcode_id pasados a la acci\u00f3n AJAX bwg_frontend_data" } ], "id": "CVE-2021-25041", "lastModified": "2024-11-21T05:54:14.400", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, 
"published": "2021-12-06T16:15:08.660", "references": [ { "source": "contact@wpscan.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/2467205" }, { "source": "contact@wpscan.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://plugins.trac.wordpress.org/changeset/2467205" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://wpscan.com/vulnerability/32aee3ea-e0af-44da-a16c-102c83eaed8f" } ], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "contact@wpscan.com", "type": "Primary" } ] }