Responsive Image Gallery, Gallery Album <= 2.0.3 – Unauthenticated Stored XSS | CVE 2023-45630

Affects Plugins

gallery-album

No known fix

References

CVE

CVE-2023-45630

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

7.1 (high)

Miscellaneous

Original Researcher

thiennv

Verified

No

WPVDB ID

43a44f43-7625-407b-9845-1378bd602c16

Timeline

Publicly Published

2023-10-18 (about 2 years ago)

Added

2023-10-20 (about 2 years ago)

Last Updated

2023-10-20 (about 2 years ago)

Other

Published

Title

Published

2024-02-01

Title

SlimStat Analytics < 5.1.4 - Subscriber+ Stored XSS

Published

2025-01-03

Title

WPBITS Addons For Elementor Page Builder < 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-08-07

Title

Graphina < 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-06-23

Title

Enable SVG, WebP & ICO Upload < 1.1.1 - Author+ Stored XSS

Published

2022-09-15

Title

Awesome Filterable Portfolio <= 1.9.7 - Unauthenticated Stored Cross-Site Scripting