Search Results | AttackerKB

Cross-site Scripting (XSS) in the spreadshirt-rss-3d-cube-flash-gallery plugin 2014 for WordPress allows remote attackers to execute arbitrary web script or HTML via unspecified parameters.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2016-10940

Disclosure Date: September 13, 2019 (last updated November 27, 2024)

The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.

Attack Vector: Network Privileges: High User Interaction: None

Attacker Value

Unknown

CVE-2013-7482

Disclosure Date: August 22, 2019 (last updated November 27, 2024)

The reflex-gallery plugin before 1.4.3 for WordPress has XSS.

Attacker Value

Unknown

CVE-2015-9327

Disclosure Date: August 21, 2019 (last updated November 27, 2024)

The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS.

Attacker Value

Unknown

CVE-2017-17869

Disclosure Date: December 27, 2017 (last updated November 26, 2024)

The mgl-instagram-gallery plugin for WordPress has XSS via the single-gallery.php media parameter.

Attacker Value

Unknown

CVE-2015-5682

Disclosure Date: May 23, 2017 (last updated November 26, 2024)

upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable.

Attacker Value

Unknown

CVE-2016-1000153

Disclosure Date: October 10, 2016 (last updated November 25, 2024)

Reflected XSS in wordpress plugin tidio-gallery v1.1

78 Total Results

Displaying 31-40 of 78

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification