Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-2562 | 1 Gallery-metabox Project | 1 Gallery-metabox | 2024-11-21 | N/A | 4.3 MEDIUM |
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refresh_metabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post. | |||||
CVE-2023-2561 | 1 Gallery-metabox Project | 1 Gallery-metabox | 2024-11-21 | N/A | 4.3 MEDIUM |
The Gallery Metabox for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gallery_remove function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to modify galleries attached to posts and pages with this plugin. |