PT-2024-10561 · Unknown · Rt-Prettyphoto Plugin
Published
2024-01-02
·
Updated
2024-05-17
·
CVE-2015-10128
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
rt-prettyphoto Plugin versions up to 1.2
Description
A vulnerability was found in the rt-prettyphoto Plugin, which is classified as problematic. The issue affects the
royal prettyphoto plugin links function of the file rt-prettyphoto.php, leading to cross-site scripting. The attack can be launched remotely. Upgrading to version 1.3 is able to address this issue.Recommendations
For rt-prettyphoto Plugin versions up to 1.2, upgrade to version 1.3 to address the issue. As a temporary workaround, consider disabling the
royal prettyphoto plugin links function until a patch is available.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rt-Prettyphoto Plugin