← Zuruck zu CVEs
CVE-2021-24529
MEDIUM5.4
Beschreibung
The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability.
CVE Details
CVSS v3.1 Bewertung5.4
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionREQUIRED
Veroffentlicht8/23/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
awplife:grid_gallery
Schwachen (CWE)
CWE-79
Referenzen
https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5(contact@wpscan.com)
https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.