
Younghun Lee

#42375 of 53,633
6.4 Total CVSS
Vulnerabilities · 1
PT-2026-48394
6.4
2026-06-10
WordPress · Easy Image Collage · CVE-2026-9019
**Name of the Vulnerable Software and Affected Versions**

Easy Image Collage versions prior to 1.13.7

**Description**

The Easy Image Collage plugin for WordPress contains a Stored Cross-Site Scripting issue resulting from insufficient input sanitization and output escaping. Authenticated attackers with author-level access or higher can inject arbitrary web scripts into pages through the `grid[properties][borderColor]` and `grid[images][N][attachment_url]` parameters. These scripts execute whenever a user visits the affected page. The issue persists because data is stored using the `update_post_meta()` function instead of `wp_insert_post()`, bypassing the `unfiltered_html` restriction typically used by WordPress to control author capabilities.

**Recommendations**

Update to a version later than 1.13.6. As a temporary mitigation, restrict author-level access to the `grid[properties][borderColor]` and `grid[images][N][attachment_url]` parameters.
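
The description attributes the issue to unsanitized values reaching post meta, so the following added example (not the plugin's code and not part of the original advisory) shows allow-list validation of the two named fields before they are stored. The function names are hypothetical, and the array layout and the `attachment_url` key spelling are assumptions inferred from the parameter names above.

```php
<?php
// Added example, not the plugin's code. Function names are hypothetical and the
// array layout is an assumption inferred from the advisory's parameter names.

function example_clean_color($value): string
{
    // Allow only #rgb or #rrggbb; anything else becomes a fixed default.
    $ok = is_string($value) && preg_match('/\A#(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})\z/', $value);
    return $ok ? $value : '#000000';
}

function example_clean_url($value): string
{
    if (!is_string($value) || preg_match('/["\'<>\s\\\\]/', $value)) {
        return ''; // characters that can break out of an HTML attribute
    }
    $parts = parse_url($value);
    $scheme = is_array($parts) ? strtolower($parts['scheme'] ?? '') : '';
    $hasHost = is_array($parts) && !empty($parts['host']);
    return (in_array($scheme, ['http', 'https'], true) && $hasHost) ? $value : '';
}

function example_sanitize_grid(array $grid): array
{
    $clean = ['properties' => [], 'images' => []];
    $clean['properties']['borderColor'] =
        example_clean_color($grid['properties']['borderColor'] ?? null);
    $images = is_array($grid['images'] ?? null) ? $grid['images'] : [];
    foreach ($images as $image) {
        $url = is_array($image) ? ($image['attachment_url'] ?? null) : null;
        $clean['images'][] = ['attachment_url' => example_clean_url($url)];
    }
    return $clean;
}

// Constructed sample input: one well-formed image, then values carrying extra markup.
$submitted = [
    'properties' => ['borderColor' => '#fff" data-x="1'],
    'images' => [
        ['attachment_url' => 'https://example.test/uploads/a.png'],
        ['attachment_url' => 'https://example.test/b.png"><i>x</i>'],
    ],
];

// Print the cleaned structure that would be safe to store.
echo json_encode(example_sanitize_grid($submitted), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES), "\n";
```

Inside WordPress, `sanitize_hex_color()` and `esc_url_raw()` perform the same checks before `update_post_meta()`, with `esc_attr()` and `esc_url()` applied when the values are rendered.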