Stored XSS Vulnerabilities in 10Web Photo Gallery Plugin for WordPress

Stored XSS Vulnerabilities in 10Web Photo Gallery Plugin for WordPress

CVE-2020-9335 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users.

Learn more about our Wordpress Pen Testing.