Skip to main content

Mosaic Gallery 8211 Advanced Gallery

1 CVEs product

Monthly

CVE-2026-57755 MEDIUM This Month

Stored or reflected Cross-Site Scripting in the Mosaic Gallery - Advanced Gallery WordPress plugin (versions <= 1.2.0) is exploitable by authenticated users holding a Contributor role. A Contributor-level attacker can inject malicious JavaScript into gallery content, which executes in the browsers of higher-privileged users - such as editors or administrators - who subsequently view the affected page, enabling session hijacking or unauthorized administrative action. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS Mosaic Gallery 8211 Advanced Gallery
NVD
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM This Month

Stored or reflected Cross-Site Scripting in the Mosaic Gallery - Advanced Gallery WordPress plugin (versions <= 1.2.0) is exploitable by authenticated users holding a Contributor role. A Contributor-level attacker can inject malicious JavaScript into gallery content, which executes in the browsers of higher-privileged users - such as editors or administrators - who subsequently view the affected page, enabling session hijacking or unauthorized administrative action. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS Mosaic Gallery 8211 Advanced Gallery
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy