WordPress Plugin Vulnerabilities
Contest Gallery < 14.0.0 - Author+ Stored Cross-Site Scripting
Description
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks
Affects Plugins
Fixed in version 14.0.0
References
Classification
Miscellaneous
Timeline
Publicly Published
2021-12-20 (about 1 years ago)
Added
2022-04-18 (about 1 years ago)
Last Updated
2022-04-19 (about 1 years ago)