WordPress Plugin Vulnerabilities

Responsive Image Gallery, Gallery Album <= 2.0.3 - Missing Authorization via Multiple AJAX Actions

Description

The Responsive Image Gallery, Gallery Album plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to missing capability checks on multiple AJAX functions in versions up to, and including, 2.0.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to e.g. create galleries, delete galleries, rename albums, delete albums, and more.

Affects Plugins

Plugin icon
gallery-album
No known fix

References

CVE
CVE-2023-45631
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/cb08cf02-4766-4093-9306-3b4581f54f77

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
5.4 (medium)

Miscellaneous

Original Researcher
thiennv
Verified
No
WPVDB ID
fca4cc02-44f3-4bd2-b320-43c0c052e6d1

Timeline

Publicly Published
2023-10-11 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2024-01-10 (about 2 years ago)

Other

Published
Title
Published
2026-01-22
Title
ElementCamp < 2.3.6 - Missing Authorization
Published
2025-04-25
Title
Integração entre Eduzz e Woocommerce 1.5.0 - 1.7.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
Published
2024-07-16
Title
Event Manager, Events Calendar, Tickets, Registrations – Eventin < 4.0.5 - Missing Authorization to Authenticated (Contributor+) Event Data Import
Published
2024-12-19
Title
Premium Addons for Elementor < 4.10.57 - Missing Authorization
Published
2023-12-26
Title
ProjectHuddle Client Site < 1.0.35 - Missing Authorization via ph_child_ajax_notice_handler