WordPress Plugin Vulnerabilities

WP Photo Album Plus 5.4.4 & 5.4.3 Cross-Site Scripting (XSS)

Description

The WP Photo Album Plus WordPress plugin was affected by security vulnerability.

Affects Plugins

Plugin icon
wp-photo-album-plus
Fixed in 5.4.5

References

URL
https://wordpress.org/plugins/wp-photo-album-plus/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
3072681f-7aa6-45ef-91c2-02cb981dff54

Timeline

Publicly Published
2014-09-28 (about 11 years ago)
Added
2014-09-28 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-09-30
Title
WP Bulk Delete < 1.3.2 - Reflected Cross-Site Scripting
Published
2022-07-18
Title
Better Tag Cloud <= 0.99.5 - Admin+ Stored Cross-Site Scripting
Published
2024-05-10
Title
Graphina – Elementor Charts and Graphs < 1.8.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
Published
2024-06-10
Title
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) < 2.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Product Horizontal Filter Widget
Published
2025-09-17
Title
Ghost Kit < 3.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting