Skip to main content

Photospace Gallery

2 CVEs product

Monthly

CVE-2022-3991 MEDIUM POC This Month

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update() function in versions up to, and including, 2.3.5 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Photospace Gallery
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-38135 MEDIUM This Month

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation Photospace Gallery
NVD
CVSS 3.1
4.3
EPSS
0.5%
EPSS 0% CVSS 6.4
MEDIUM POC This Month

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update() function in versions up to, and including, 2.3.5 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Photospace Gallery
NVD VulDB
EPSS 1% CVSS 4.3
MEDIUM This Month

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation Photospace Gallery
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy