CVE-2023-0764

Name of the Vulnerable Software and Affected Versions The Gallery by BestWebSoft WordPress plugin versions prior to 4.7.0

Description The issue arises from improper sanitization of gallery information, leading to a Stored Cross-Site Scripting vulnerability. An attacker must have at least the privileges of the Author role to exploit this.

Recommendations For versions prior to 4.7.0, update to version 4.7.0 or later to resolve the issue. As a temporary workaround, consider restricting the privileges of users to prevent them from having at least the Author role, thereby minimizing the risk of exploitation.