CVE-2024-10102

Name of the Vulnerable Software and Affected Versions Rbs Image Gallery WordPress plugin versions prior to 3.2.22

Description The issue concerns the Rbs Image Gallery WordPress plugin, where some of its Gallery settings are not properly sanitised and escaped. This could allow high privilege users, such as contributors, to perform Stored Cross-Site Scripting attacks.

Recommendations For versions prior to 3.2.22, update to version 3.2.22 or later to resolve the issue. As a temporary workaround, consider restricting access to the Gallery settings to minimize the risk of exploitation.