WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WP Photo Album Plus <= 6.1.2 - Stored Cross-Site Scripting (XSS)

Description

The WP Photo Album Plus WordPress plugin was affected by a Stored Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

wp-photo-album-plus
Fixed in version 6.1.3

References

CVE
CVE-2015-3647
URL
https://www.immuniweb.com/advisory/HTB23257
URL
https://packetstormsecurity.com/files/131976/

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
dff770c5-c18b-464c-a418-dbc6cf9c0800

Timeline

Publicly Published

2015-05-20 (about 7 years ago)

Added

2015-05-20 (about 7 years ago)

Last Updated

2019-10-21 (about 3 years ago)

Our Other Services

WPScan WordPress Security Plugin