User

Welcome to WordPress Community Forum. Please login or sign up.

Nov 25, 2024, 02:21 PM

Login with username, password and session length

Shoutbox

Recent

Stats

Members
Stats
  • Total Posts: 55
  • Total Topics: 45
  • Online today: 5
  • Online ever: 136 (Apr 17, 2022, 11:37 PM)
Users Online
  • Users: 0
  • Guests: 5
  • Total: 5

Online

5 Guests, 0 Users

WordPress Gallery Bank plugin <= 4.0.50 Vulnerability

Started by Kailash, Jun 10, 2022, 05:21 AM

Previous topic - Next topic

WordPress Premium Themes


Print
Go Down Pages1
User actions

Kailash

Jun 10, 2022, 05:21 AM
WordPress Gallery Bank plugin <= 4.0.50 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Media Upload Module

Plugin name: WordPress Gallery Bank plugin
Vulnerable versions: <= 4.0.50
Fixed in: N/A (This plugin has been closed as of December 9, 2021)
CVE ID: N/A
Classification: Cross Site Scripting (XSS)
Publicly disclosed: 2022-06-09

Vulnerability Details

Authenticated Stored Cross-Site Scripting (XSS) vulnerability via Media Upload Module discovered by Vishnupriya Ilango (Fortinet FortiGuard Labs) in WordPress Gallery Bank plugin (versions <= 4.0.50).

Solution

Deactivate and delete. This plugin has been closed as of December 9, 2021 and is not available for download. Reason: Security Issue.

Plugin Link: This plugin has been closed as of December 9, 2021.

WordPress Premium Themes


Print
Go Up Pages1
User actions