CVE-2020-9003

Name of the Vulnerable Software and Affected Versions Modula Image Gallery plugin versions prior to 2.2.5

Description A stored XSS issue exists, allowing an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users. This enables the execution of malicious scripts within the context of the affected application.

Recommendations For versions prior to 2.2.5, update to version 2.2.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality for low-privileged users until the update is applied.