CVE-2024-37442

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.1.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ays-pro:photo_gallery:*:*:*:*:*:wordpress:*:*

History

29 Aug 2024, 18:49

Type Values Removed Values Added
CPE cpe:2.3:a:ays-pro:photo_gallery:*:*:*:*:*:wordpress:*:*
CVSS v2 : unknown
v3 : 3.8
v2 : unknown
v3 : 5.5
First Time Ays-pro photo Gallery
Ays-pro
References () https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-7-1-html-injection-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-7-1-html-injection-vulnerability?_s_id=cve - Third Party Advisory

09 Jul 2024, 18:19

Type Values Removed Values Added
Summary
  • (es) La neutralización incorrecta de elementos especiales en la salida utilizada por una vulnerabilidad de componente posterior ('inyección') en Photo Gallery Team Photo Gallery by Ays permite la inyección de código. Este problema afecta a Photo Gallery by Ays: desde n/a antes de 5.7.1.

09 Jul 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-09 11:15

Updated : 2024-08-29 18:49


NVD link : CVE-2024-37442

Mitre link : CVE-2024-37442

CVE.ORG link : CVE-2024-37442


JSON object : View

Products Affected

ays-pro

  • photo_gallery
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')