The plugin does not sanitise and escape the task parameter before outputing back in a JavaScript context via the grsGalleryAjax AJAx action 9available to both unauthenticated and authenticated users), leading to a reflected cross-Site Scripting
https://example.comwp-admin/admin-ajax.php?action=grsGalleryAjax&grsAction=shortcode&task=</script><img src onerror=alert(`XSS`)>
Yes
2019-06-26 (about 3 years ago)
2019-08-20 (about 3 years ago)
2022-03-05 (about 1 years ago)