Lucene search
WPScanCVELIST:CVE-2021-24291HistoryMay 14, 2021 - 11:38 a.m.
CVE-2021-24291 Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)
2021-05-1411:38:18
CWE-79
WPScan
www.cve.org
2
0.001 Low
EPSS
Percentile
42.0%
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users)
CNA Affected
[
{
"product": "Photo Gallery by 10Web – Mobile-Friendly Image Gallery",
"vendor": "Photo Gallery Team",
"versions": [
{
"lessThan": "1.5.69",
"status": "affected",
"version": "1.5.69",
"versionType": "custom"
}
]
}
]Related
nuclei
nuclei
WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting
2021-07-26 17:18:45
wpvulndb
wpvulndb
Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)
2021-04-19 00:00:00
cve
cve
prion
prion
Cross site scripting
2021-05-14 12:15:00
Cross site scripting
2023-06-07 14:15:00
Design/Logic Flaw
2022-11-29 21:15:00
wpexploit
wpexploit
Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)
2021-04-19 00:00:00
openvas
openvas
WordPress Photo Gallery Plugin < 1.5.69 XSS Vulnerability
2021-06-22 00:00:00
nvd
nvd
cvelist
cvelist
CVE-2021-46889
2023-06-07 00:00:00
CVE-2021-31693
2022-11-29 00:00:00