Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Envira Gallery Lite < 1.8.3.3 - Authenticated Stored Cross-Site Scripting
Vulnerability Description
Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata (namely title) before outputting them in the generated gallery, which could lead to privilege escalation.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Envira Gallery Lite 跨站脚本漏洞
Vulnerability Description
Envira Gallery Lite是Envira Gallery公司的一个为Wordpress提供响应式图库功能的插件。 WordPress Envira Gallery Lite plugin before 1.8.3.3 存在跨站脚本漏洞,该漏洞源于没有正确地清理图像元数据,导致特权升级。
CVSS Information
N/A
Vulnerability Type
N/A