Filtered by vendor Unitegallery
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-34183 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | N/A | 5.9 MEDIUM |
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Valiano Unite Gallery Lite plugin <= 1.7.61 versions. | |||||
CVE-2015-9447 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin.php galleryid or id parameters. | |||||
CVE-2015-9446 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php. | |||||
CVE-2015-9445 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation. |