WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Photo Gallery by 10Web <= 1.5.24 - Authenticated LFI

Description

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an Authenticated LFI security vulnerability.

Affects Plugins

photo-gallery
Fixed in version 1.5.25

References

CVE
CVE-2019-14798
URL
https://plugins.trac.wordpress.org/changeset?reponame=&new=2088371%40photo-gallery&old=2087556%40photo-gallery

Classification

Type

LFI

OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Verified

No

WPVDB ID
bb01dd50-72fe-4e43-9d79-122937a9b39c

Timeline

Publicly Published

2019-05-15 (about 3 years ago)

Added

2019-06-19 (about 3 years ago)

Last Updated

2020-09-22 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin