photo-gallery Plugin up to 1.5.34 on WordPress Options.php cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in photo-gallery Plugin up to 1.5.34 on WordPress (Photo Gallery Software). Affected is some unknown functionality of the file admin/controllers/Options.php. Upgrading to version 1.5.35 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

ID	Commited	User	Field	Change	Remarks	Moderated	Reason	C
9344455	08/15/2020	VulD...	cve_nvd_summary	Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php.	mitre.org	08/15/2020	accepted	100
9344454	08/15/2020	VulD...	cve_assigned	1567900800	mitre.org	08/15/2020	accepted	100
9344448	08/15/2020	VulD...	cvss3_nvd_a	N	nist.gov	08/15/2020	accepted	100
9344447	08/15/2020	VulD...	cvss3_nvd_i	L	nist.gov	08/15/2020	accepted	100
9344446	08/15/2020	VulD...	cvss3_nvd_c	L	nist.gov	08/15/2020	accepted	100
9344445	08/15/2020	VulD...	cvss3_nvd_s	C	nist.gov	08/15/2020	accepted	100
9344444	08/15/2020	VulD...	cvss3_nvd_ui	R	nist.gov	08/15/2020	accepted	100
9344443	08/15/2020	VulD...	cvss3_nvd_pr	N	nist.gov	08/15/2020	accepted	100
9344442	08/15/2020	VulD...	cvss3_nvd_ac	L	nist.gov	08/15/2020	accepted	100
9344441	08/15/2020	VulD...	cvss3_nvd_av	N	nist.gov	08/15/2020	accepted	100
9344428	08/15/2020	VulD...	cvss2_nvd_ai	N	nist.gov	08/15/2020	accepted	100
9344427	08/15/2020	VulD...	cvss2_nvd_ii	P	nist.gov	08/15/2020	accepted	100
9344426	08/15/2020	VulD...	cvss2_nvd_ci	N	nist.gov	08/15/2020	accepted	100
9344425	08/15/2020	VulD...	cvss2_nvd_au	N	nist.gov	08/15/2020	accepted	100
9344424	08/15/2020	VulD...	cvss2_nvd_ac	M	nist.gov	08/15/2020	accepted	100
9344423	08/15/2020	VulD...	cvss2_nvd_av	N	nist.gov	08/15/2020	accepted	100
9344413	08/15/2020	VulD...	cwe	79 (cross site scripting)		08/15/2020	accepted	100
9344408	08/15/2020	VulD...	type	Photo Gallery Software		08/15/2020	accepted	100
9344463	09/09/2019	VulD...	cvss3_nvd_basescore	6.1	nist.gov	09/09/2019	accepted	90
9344462	09/09/2019	VulD...	cvss3_vuldb_rc	X		09/09/2019	accepted	90