Vulnerabilities (CVE)

Filtered by vendor Codeasily Subscribe
Filtered by product Gmedia Gallery
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0873 1 Codeasily 1 Gmedia Gallery 2024-02-28 3.5 LOW 4.8 MEDIUM
The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album's name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed