Back to search
CVE-2021-24291
Published: May 14, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users)
| Vendor | Product | Versions |
|---|---|---|
Photo Gallery Team | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | affected 1.5.69 - < 1.5.69 |
Weaknesses (CWE)
References
https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a
x_refsource_CONFIRM
https://packetstormsecurity.com/files/162227/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now