Search criteria
2 vulnerabilities found for grid_gallery by awplife
CVE-2021-24529 (GCVE-0-2021-24529)
Vulnerability from nvd – Published: 2021-08-23 11:10 – Updated: 2024-08-03 19:35
VLAI?
Title
Grid Gallery < 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)
Summary
The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Grid Gallery – Photo Image Grid Gallery |
Affected:
1.2.5 , < 1.2.5
(custom)
|
Credits
Amal E Thamban
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:35:20.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Grid Gallery \u2013 Photo Image Grid Gallery",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.2.5",
"status": "affected",
"version": "1.2.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Amal E Thamban"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Grid Gallery \u2013 Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-23T11:10:00",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Grid Gallery \u003c 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24529",
"STATE": "PUBLIC",
"TITLE": "Grid Gallery \u003c 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Grid Gallery \u2013 Photo Image Grid Gallery",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.2.5",
"version_value": "1.2.5"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Amal E Thamban"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Grid Gallery \u2013 Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24529",
"datePublished": "2021-08-23T11:10:00",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:35:20.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24529 (GCVE-0-2021-24529)
Vulnerability from cvelistv5 – Published: 2021-08-23 11:10 – Updated: 2024-08-03 19:35
VLAI?
Title
Grid Gallery < 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)
Summary
The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Grid Gallery – Photo Image Grid Gallery |
Affected:
1.2.5 , < 1.2.5
(custom)
|
Credits
Amal E Thamban
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:35:20.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Grid Gallery \u2013 Photo Image Grid Gallery",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.2.5",
"status": "affected",
"version": "1.2.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Amal E Thamban"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Grid Gallery \u2013 Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-23T11:10:00",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Grid Gallery \u003c 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24529",
"STATE": "PUBLIC",
"TITLE": "Grid Gallery \u003c 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Grid Gallery \u2013 Photo Image Grid Gallery",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.2.5",
"version_value": "1.2.5"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Amal E Thamban"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Grid Gallery \u2013 Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/8953d931-19f9-4b73-991c-9c48db1af8b5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24529",
"datePublished": "2021-08-23T11:10:00",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:35:20.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}