Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress Photocrati NextGEN Gallery插件跨站脚本漏洞
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Photocrati NextGEN Gallery plugin是其中的一个图片管理插件。 WordPress Photocrati NextGEN Gallery插件2.1.15版本中的nggallery-manage-gallery页面存在跨站脚本漏洞。远程攻击者可借助‘images[1][alttext]’参数利用该漏洞更改登录用户的密码,并使用户会话失效。
CVSS Information
N/A
Vulnerability Type
N/A