PT-2023-15537 · Angie Makes · The Galleries

Lana Codes

Publicado

2023-02-27

Atualizado

2025-03-10

CVE-2022-4795

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions The Galleries by Angie Makes WordPress plugin versions prior to 1.68

Description The issue concerns a lack of validation and escaping of certain shortcode attributes, which could lead to Stored Cross-Site Scripting attacks. Users with the contributor role and above may exploit this.

Recommendations For versions prior to 1.68, update to version 1.68 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2022-4795

Produtos afetados

The Galleries

PT-2023-15537 · Angie Makes · The Galleries

CVE-2022-4795

Identificadores relacionados

Produtos afetados

Referências · 4