exploitDog

GHSA-r3r3-hjgr-8x9f

Опубликовано: 31 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed

The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed

Ссылки

EPSS

Процентиль: 52%

0.00289

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-0613

CVSS3: 6.1

nvd

10 месяцев назад

The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed

EPSS

Процентиль: 52%

0.00289

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79