PT-2022-10591 · Supsystic · Photo Gallery By Supsystic

Rasi

+1

·

Published

2022-06-15

·

Updated

2022-06-24

·

CVE-2021-36891

CVSS v3.1

5.4

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions Photo Gallery by Supsystic plugin versions prior to 1.15.6
Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to change the plugin settings.
Recommendations For Photo Gallery by Supsystic plugin versions prior to 1.15.6, update to version 1.15.6 or later to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2021-36891

Affected Products

Photo Gallery By Supsystic