First published: Mon Apr 17 2023(Updated: )
The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability. The attacker must have at least the privileges of the Author role.
Credit: contact@wpscan.com
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Gallery Wordpress | <4.7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-0764.
The severity of CVE-2023-0764 is medium with a CVSS score of 5.4.
The affected software is The Gallery by BestWebSoft WordPress plugin before version 4.7.0.
The impact of CVE-2023-0764 is a Stored Cross-Site Scripting vulnerability.
To fix CVE-2023-0764, update The Gallery by BestWebSoft WordPress plugin to version 4.7.0 or later.