← Volver a CVEs
CVE-2021-24529
MEDIUM5.4
Descripcion
The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability.
Detalles CVE
Puntuacion CVSS v3.15.4
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado8/23/2021
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
awplife:grid_gallery
Debilidades (CWE)
CWE-79
Referencias
https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5(contact@wpscan.com)
https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.