CVE-2024-29808 | 10Web PhotoGallery Plugin up to 1.8.21 on WordPress admin-ajax.php image_id cross site scripting

Inserito da Angelo Barbosa | Mar 26, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in 10Web PhotoGallery Plugin up to 1.8.21 on WordPress. This issue affects some unknown processing of the file admin-ajax.php. The manipulation of the argument image_id leads to cross site scripting.

The identification of this vulnerability is CVE-2024-29808. The attack may be initiated remotely. There is no exploit available.

CVE-2024-29808 | 10Web PhotoGallery Plugin up to 1.8.21 on WordPress admin-ajax.php image_id cross site scripting

Post correlati

CVE-2024-3810 | ThemeNectar Salient Shortcodes Plugin up to 1.5.3 on WordPress filename control

CVE-2023-5384 | Infinispan Configuration information disclosure

CVE-2024-35353 | Diño Physics School Assistant 2.3 Users.php id improper authorization

CVE-2024-0996 | Tenda i9 1.0.0.9(4122) httpd /goform/setcfm formSetCfm funcpara1 stack-based overflow