photo-gallery Plugin up to 1.5.34 on WordPress Options.php cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in photo-gallery Plugin up to 1.5.34 on WordPress (Photo Gallery Software). Affected is some unknown functionality of the file admin/controllers/Options.php. Upgrading to version 1.5.35 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
934445508/15/2020VulD...cve_nvd_summaryCross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php.mitre.org08/15/2020accepted100
934445408/15/2020VulD...cve_assigned1567900800mitre.org08/15/2020accepted100
934444808/15/2020VulD...cvss3_nvd_aNnist.gov08/15/2020accepted100
934444708/15/2020VulD...cvss3_nvd_iLnist.gov08/15/2020accepted100
934444608/15/2020VulD...cvss3_nvd_cLnist.gov08/15/2020accepted100
934444508/15/2020VulD...cvss3_nvd_sCnist.gov08/15/2020accepted100
934444408/15/2020VulD...cvss3_nvd_uiRnist.gov08/15/2020accepted100
934444308/15/2020VulD...cvss3_nvd_prNnist.gov08/15/2020accepted100
934444208/15/2020VulD...cvss3_nvd_acLnist.gov08/15/2020accepted100
934444108/15/2020VulD...cvss3_nvd_avNnist.gov08/15/2020accepted100
934442808/15/2020VulD...cvss2_nvd_aiNnist.gov08/15/2020accepted100
934442708/15/2020VulD...cvss2_nvd_iiPnist.gov08/15/2020accepted100
934442608/15/2020VulD...cvss2_nvd_ciNnist.gov08/15/2020accepted100
934442508/15/2020VulD...cvss2_nvd_auNnist.gov08/15/2020accepted100
934442408/15/2020VulD...cvss2_nvd_acMnist.gov08/15/2020accepted100
934442308/15/2020VulD...cvss2_nvd_avNnist.gov08/15/2020accepted100
934441308/15/2020VulD...cwe79 (cross site scripting)08/15/2020accepted100
934440808/15/2020VulD...typePhoto Gallery Software08/15/2020accepted100
934446309/09/2019VulD...cvss3_nvd_basescore6.1nist.gov09/09/2019accepted90
934446209/09/2019VulD...cvss3_vuldb_rcX09/09/2019accepted90

Interested in the pricing of exploits?

See the underground prices here!