WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WP Photo Album Plus - "commentid" Cross-Site Scripting

Description

The WP Photo Album Plus WordPress plugin was affected by a "commentid" Cross-Site Scripting  security vulnerability.

Affects Plugins

wp-photo-album-plus
Fixed in version 5.0.3

References

CVE
CVE-2013-3254

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified

No

WPVDB ID
863c48d7-b370-4732-8732-915e00a0becd

Timeline

Publicly Published

2014-08-01 (about 8 years ago)

Added

2014-08-01 (about 8 years ago)

Last Updated

2019-10-21 (about 3 years ago)

Our Other Services

WPScan WordPress Security Plugin