漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Envira Gallery Lite < 1.8.3.3 - Authenticated Stored Cross-Site Scripting
Vulnerability Description
Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata (namely title) before outputting them in the generated gallery, which could lead to privilege escalation.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Envira Gallery Lite 跨站脚本漏洞
Vulnerability Description
Envira Gallery Lite是Envira Gallery公司的一个为Wordpress提供响应式图库功能的插件。 WordPress Envira Gallery Lite plugin before 1.8.3.3 存在跨站脚本漏洞,该漏洞源于没有正确地清理图像元数据,导致特权升级。
CVSS Information
N/A
Vulnerability Type
N/A