← voltar
CVE-2021-24529

Grid Gallery < 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)

EPSS 0.6%CWE-79
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
23 ago 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability.