Refine your search
41 vulnerabilities found for by 10Web
CVE-2026-3330 (GCVE-0-2026-3330)
Vulnerability from cvelistv5
Published
2026-04-17 03:36
Modified
2026-04-17 11:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
The Form Maker by 10Web plugin for WordPress is vulnerable to SQL Injection via the 'ip_search', 'startdate', 'enddate', 'username_search', and 'useremail_search' parameters in all versions up to, and including, 1.15.40. This is due to the `WDW_FM_Library::validate_data()` method calling `stripslashes()` on user input (removing WordPress's `wp_magic_quotes()` protection) and the `FMModelSubmissions_fm::get_labels_parameters()` function directly concatenating user-supplied values into SQL queries without using `$wpdb->prepare()`. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Additionally, the Submissions controller skips nonce verification for the `display` task, which means this vulnerability can be triggered via CSRF by tricking an administrator into clicking a crafted link.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.40 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-17T11:15:17.474910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-17T11:15:39.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.40",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sein Linn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web plugin for WordPress is vulnerable to SQL Injection via the \u0027ip_search\u0027, \u0027startdate\u0027, \u0027enddate\u0027, \u0027username_search\u0027, and \u0027useremail_search\u0027 parameters in all versions up to, and including, 1.15.40. This is due to the `WDW_FM_Library::validate_data()` method calling `stripslashes()` on user input (removing WordPress\u0027s `wp_magic_quotes()` protection) and the `FMModelSubmissions_fm::get_labels_parameters()` function directly concatenating user-supplied values into SQL queries without using `$wpdb-\u003eprepare()`. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Additionally, the Submissions controller skips nonce verification for the `display` task, which means this vulnerability can be triggered via CSRF by tricking an administrator into clicking a crafted link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-17T03:36:43.818Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e383b8a-27e5-4b35-8d11-6e4102255d44?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.22/admin/models/Submissions_fm.php#L154"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/trunk/admin/models/Submissions_fm.php#L154"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.22/framework/WDW_FM_Library.php#L415"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/trunk/framework/WDW_FM_Library.php#L415"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.22/admin/controllers/Submissions_fm.php#L84"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/trunk/admin/controllers/Submissions_fm.php#L84"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3501693%40form-maker\u0026new=3501693%40form-maker\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-27T14:54:41.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-04-16T15:04:04.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker by 10Web \u003c= 1.15.40 - Authenticated (Administrator+) SQL Injection via \u0027ip_search\u0027 Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-3330",
"datePublished": "2026-04-17T03:36:43.818Z",
"dateReserved": "2026-02-27T14:37:55.825Z",
"dateUpdated": "2026-04-17T11:15:39.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4388 (GCVE-0-2026-4388)
Vulnerability from cvelistv5
Published
2026-04-14 02:25
Modified
2026-04-14 14:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box input type) in form submissions in all versions up to, and including, 1.15.40. This is due to insufficient input sanitization (`sanitize_text_field` strips tags but not quotes) and missing output escaping when rendering submission data in the admin Submissions view. This makes it possible for unauthenticated attackers to inject arbitrary JavaScript through a form submission that executes in the browser of an administrator who views the submission details.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.40 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-14T14:02:24.488962Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T14:04:52.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.40",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Naoya Takahashi"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box input type) in form submissions in all versions up to, and including, 1.15.40. This is due to insufficient input sanitization (`sanitize_text_field` strips tags but not quotes) and missing output escaping when rendering submission data in the admin Submissions view. This makes it possible for unauthenticated attackers to inject arbitrary JavaScript through a form submission that executes in the browser of an administrator who views the submission details."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T02:25:48.339Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/197449f5-9304-49df-9261-a354145fc00e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.37/admin/views/FormMakerSubmits.php#L169"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.37/admin/views/FormMakerSubmits.php#L166"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.37/frontend/models/form_maker.php#L2352"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3501693%40form-maker%2Ftrunk\u0026old=3492680%40form-maker%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-18T14:25:04.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-04-13T13:52:02.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker by 10Web \u003c= 1.15.40 - Unauthenticated Stored Cross-Site Scripting via Matrix Field Text Box"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-4388",
"datePublished": "2026-04-14T02:25:48.339Z",
"dateReserved": "2026-03-18T14:09:39.621Z",
"dateUpdated": "2026-04-14T14:04:52.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32330 (GCVE-0-2026-32330)
Vulnerability from cvelistv5
Published
2026-03-13 11:41
Modified
2026-04-01 14:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Cross Site Request Forgery.This issue affects Photo Gallery by 10Web: from n/a through <= 1.8.37.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | Photo Gallery by 10Web |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-32330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T19:56:58.033456Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T19:57:18.639Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "photo-gallery",
"product": "Photo Gallery by 10Web",
"vendor": "10Web",
"versions": [
{
"changes": [
{
"at": "1.8.38",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.8.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cid_Kagenou_Sama | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:04:36.870Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Cross Site Request Forgery.\u003cp\u003eThis issue affects Photo Gallery by 10Web: from n/a through \u003c= 1.8.37.\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Cross Site Request Forgery.This issue affects Photo Gallery by 10Web: from n/a through \u003c= 1.8.37."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T14:15:52.358Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/photo-gallery/vulnerability/wordpress-photo-gallery-by-10web-plugin-1-8-37-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"title": "WordPress Photo Gallery by 10Web plugin \u003c= 1.8.37 - Cross Site Request Forgery (CSRF) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-32330",
"datePublished": "2026-03-13T11:41:55.160Z",
"dateReserved": "2026-03-12T11:10:25.225Z",
"dateUpdated": "2026-04-01T14:15:52.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27360 (GCVE-0-2026-27360)
Vulnerability from cvelistv5
Published
2026-02-19 20:35
Modified
2026-04-01 14:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through <= 1.8.38.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | Photo Gallery by 10Web |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-27360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T17:18:19.584627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T17:19:02.553Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "photo-gallery",
"product": "Photo Gallery by 10Web",
"vendor": "10Web",
"versions": [
{
"changes": [
{
"at": "1.8.39",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.8.38",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tabulra | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:05:15.838Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.\u003cp\u003eThis issue affects Photo Gallery by 10Web: from n/a through \u003c= 1.8.38.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through \u003c= 1.8.38."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T14:15:11.023Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/photo-gallery/vulnerability/wordpress-photo-gallery-by-10web-plugin-1-8-37-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Photo Gallery by 10Web plugin \u003c= 1.8.38 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-27360",
"datePublished": "2026-02-19T20:35:42.196Z",
"dateReserved": "2026-02-19T09:51:48.837Z",
"dateUpdated": "2026-04-01T14:15:11.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1058 (GCVE-0-2026-1058)
Vulnerability from cvelistv5
Published
2026-02-03 06:38
Modified
2026-04-08 17:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Form Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via hidden field values in all versions up to, and including, 1.15.35. This is due to insufficient output escaping when displaying hidden field values in the admin submissions list. The plugin uses html_entity_decode() on user-supplied hidden field values without subsequent escaping before output, which converts HTML entity-encoded payloads back into executable JavaScript. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in the admin submissions view that will execute whenever an administrator accesses the submissions list.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.35 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1058",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:25:59.393794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:30:21.249Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.35",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Supakiad S."
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via hidden field values in all versions up to, and including, 1.15.35. This is due to insufficient output escaping when displaying hidden field values in the admin submissions list. The plugin uses html_entity_decode() on user-supplied hidden field values without subsequent escaping before output, which converts HTML entity-encoded payloads back into executable JavaScript. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in the admin submissions view that will execute whenever an administrator accesses the submissions list."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:28:49.695Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e0ec0027-2792-4069-b413-8fdd951f5fe7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.34/admin/views/Submissions_fm.php#L759"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3447011%40form-maker%2Ftrunk\u0026old=3440395%40form-maker%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-16T18:36:05.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-02T18:21:06.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker by 10Web \u003c= 1.15.35 - Unauthenticated Stored Cross-Site Scripting via Hidden Field"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-1058",
"datePublished": "2026-02-03T06:38:05.509Z",
"dateReserved": "2026-01-16T18:20:44.141Z",
"dateUpdated": "2026-04-08T17:28:49.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1065 (GCVE-0-2026-1065)
Vulnerability from cvelistv5
Published
2026-02-03 06:38
Modified
2026-04-08 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.35. This is due to the plugin's default file upload allowlist including SVG files combined with weak substring-based extension validation. This makes it possible for unauthenticated attackers to upload malicious SVG files containing JavaScript code that will execute when viewed by administrators or site visitors via file upload fields in forms granted they can submit forms.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.35 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:29:03.731766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:30:36.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.35",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Supakiad S."
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.35. This is due to the plugin\u0027s default file upload allowlist including SVG files combined with weak substring-based extension validation. This makes it possible for unauthenticated attackers to upload malicious SVG files containing JavaScript code that will execute when viewed by administrators or site visitors via file upload fields in forms granted they can submit forms."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:03:54.659Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8230d5f8-01d9-465a-8a43-e9852248bb3d?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.34/js/add_field.js#L2364"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.34/frontend/models/form_maker.php#L1744"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/tags/1.15.34/frontend/models/form_maker.php#L1855"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3447011%40form-maker%2Ftrunk\u0026old=3440395%40form-maker%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-16T19:31:56.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-02T18:12:37.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker by 10Web \u003c= 1.15.35 - Unauthenticated Stored Cross-Site Scripting via SVG file"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-1065",
"datePublished": "2026-02-03T06:38:04.369Z",
"dateReserved": "2026-01-16T19:16:43.079Z",
"dateUpdated": "2026-04-08T17:03:54.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1036 (GCVE-0-2026-1036)
Vulnerability from cvelistv5
Published
2026-01-21 23:23
Modified
2026-04-08 16:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to delete arbitrary image comments. Note: comments functionality is only available in the Pro version of the plugin.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 0 ≤ 1.8.36 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1036",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T14:44:56.011900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T14:45:03.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.36",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Moose Love"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to delete arbitrary image comments. Note: comments functionality is only available in the Pro version of the plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:51:50.257Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4eb2ae42-584d-4da8-9184-461b5a37b7b6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.35/frontend/controllers/BWGControllerGalleryBox.php#L173"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2026-01-16T12:44:28.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-21T10:40:15.000Z",
"value": "Disclosed"
}
],
"title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.36 - Missing Authorization to Unauthenticated Arbitrary Comment Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-1036",
"datePublished": "2026-01-21T23:23:27.600Z",
"dateReserved": "2026-01-16T12:28:18.569Z",
"dateUpdated": "2026-04-08T16:51:50.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13377 (GCVE-0-2025-13377)
Vulnerability from cvelistv5
Published
2025-12-06 06:39
Modified
2026-04-08 17:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the get_cache_dir_for_page_from_url() function in all versions up to, and including, 2.32.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary folders on the server, which can easily lead to a loss of data or a denial of service condition.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | 10Web Booster – Website speed optimization, Cache & Page Speed optimizer |
Version: 0 ≤ 2.32.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-08T21:27:01.311606Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T21:27:13.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "10Web Booster \u2013 Website speed optimization, Cache \u0026 Page Speed optimizer",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "2.32.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Angus Girvan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The 10Web Booster \u2013 Website speed optimization, Cache \u0026 Page Speed optimizer plugin for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the get_cache_dir_for_page_from_url() function in all versions up to, and including, 2.32.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary folders on the server, which can easily lead to a loss of data or a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:34:03.487Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8bcf51a-36ee-4d4d-b9d6-d9db0dafd791?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3402434/tenweb-speed-optimizer"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-20T08:28:37.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-12-05T18:28:50.000Z",
"value": "Disclosed"
}
],
"title": "10Web Booster \u003c= 2.32.7 - Authenticated (Subscriber+) Arbitrary Folder Deletion via two_clear_page_cache"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-13377",
"datePublished": "2025-12-06T06:39:09.191Z",
"dateReserved": "2025-11-18T19:31:43.901Z",
"dateUpdated": "2026-04-08T17:34:03.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36853 (GCVE-0-2020-36853)
Vulnerability from cvelistv5
Published
2025-10-18 03:33
Modified
2026-04-08 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin Settings Change in versions up to, and including, 1.0.63 due to insufficient input sanitization and output escaping and a lack of capability checks. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | 10Web Map Builder for Google Maps |
Version: 0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36853",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T18:40:09.059095Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T18:40:17.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "10Web Map Builder for Google Maps",
"vendor": "10web",
"versions": [
{
"lessThan": "1.0.64",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mikey Veenstra"
}
],
"descriptions": [
{
"lang": "en",
"value": "The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin Settings Change in versions up to, and including, 1.0.63 due to insufficient input sanitization and output escaping and a lack of capability checks. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:02:37.382Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c1c24cc-9388-4d91-8dc6-c67d3420cc94?source=cve"
},
{
"url": "https://www.wordfence.com/blog/2020/02/site-takeover-campaign-exploits-multiple-zero-day-vulnerabilities/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2251882/wd-google-maps"
}
],
"timeline": [
{
"lang": "en",
"time": "2020-02-27T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "10WebMapBuilder \u003c= 1.0.63 - Unauthenticated Stored Cross-Site Scripting via Plugin Settings Change"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2020-36853",
"datePublished": "2025-10-18T03:33:23.819Z",
"dateReserved": "2025-10-17T15:03:30.170Z",
"dateUpdated": "2026-04-08T17:02:37.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48341 (GCVE-0-2025-48341)
Vulnerability from cvelistv5
Published
2025-05-19 14:55
Modified
2026-04-01 15:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Form Maker by 10Web form-maker allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through <= 1.15.33.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | Form Maker by 10Web |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-19T15:06:35.225329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-19T15:15:46.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "form-maker",
"product": "Form Maker by 10Web",
"vendor": "10Web",
"versions": [
{
"changes": [
{
"at": "1.15.34",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.15.33",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nabil Irawan | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:40:42.733Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Form Maker by 10Web form-maker allows Stored XSS.\u003cp\u003eThis issue affects Form Maker by 10Web: from n/a through \u003c= 1.15.33.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Form Maker by 10Web form-maker allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through \u003c= 1.15.33."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:54:43.339Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/form-maker/vulnerability/wordpress-form-maker-by-10web-1-15-33-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Form Maker by 10Web plugin \u003c= 1.15.33 - Cross Site Scripting (XSS) Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-48341",
"datePublished": "2025-05-19T14:55:22.115Z",
"dateReserved": "2025-05-19T14:41:32.123Z",
"dateUpdated": "2026-04-01T15:54:43.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2269 (GCVE-0-2025-2269)
Vulnerability from cvelistv5
Published
2025-04-11 23:21
Modified
2026-04-08 17:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘image_id’ parameter in all versions up to, and including, 1.8.34 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrative user into performing an action such as clicking on a link.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 0 ≤ 1.8.34 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:53:57.380329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T17:05:41.706Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.34",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ivan Kuzymchak"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018image_id\u2019 parameter in all versions up to, and including, 1.8.34 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrative user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:24:21.021Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce261415-870c-4300-85e8-b15a02c7eec5?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.34/admin/views/Editimage.php#L39"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-12T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-04-11T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.34 Reflected Cross-Site Scripting via \u0027image_id\u0027 Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-2269",
"datePublished": "2025-04-11T23:21:55.426Z",
"dateReserved": "2025-03-12T20:52:26.055Z",
"dateUpdated": "2026-04-08T17:24:21.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-45272 (GCVE-0-2023-45272)
Vulnerability from cvelistv5
Published
2025-01-02 14:53
Modified
2025-01-03 18:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | 10Web Map Builder for Google Maps |
Version: n/a < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T17:34:50.066504Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T18:57:29.244Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wd-google-maps",
"product": "10Web Map Builder for Google Maps",
"vendor": "10Web",
"versions": [
{
"changes": [
{
"at": "1.0.74",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.73",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.\u003cp\u003eThis issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T14:53:25.291Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wd-google-maps/vulnerability/wordpress-10web-map-builder-for-google-maps-plugin-1-0-73-notice-dismissal-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress 10Web Map Builder for Google Maps plugin to the latest available version (at least 1.0.74)."
}
],
"value": "Update the WordPress 10Web Map Builder for Google Maps plugin to the latest available version (at least 1.0.74)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress 10Web Map Builder for Google Maps plugin \u003c= 1.0.73 - Notice Dismissal Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-45272",
"datePublished": "2025-01-02T14:53:25.291Z",
"dateReserved": "2023-10-06T13:05:32.934Z",
"dateUpdated": "2025-01-03T18:57:29.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47807 (GCVE-0-2023-47807)
Vulnerability from cvelistv5
Published
2025-01-02 14:16
Modified
2025-01-02 14:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Missing Authorization vulnerability in 10Web 10WebAnalytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10WebAnalytics: from n/a through 1.2.12.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | 10WebAnalytics |
Version: n/a < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T14:44:41.599062Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T14:44:50.397Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wd-google-analytics",
"product": "10WebAnalytics",
"vendor": "10Web",
"versions": [
{
"lessThanOrEqual": "1.2.12",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in 10Web 10WebAnalytics allows Exploiting Incorrectly Configured Access Control Security Levels.\u003cp\u003eThis issue affects 10WebAnalytics: from n/a through 1.2.12.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in 10Web 10WebAnalytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10WebAnalytics: from n/a through 1.2.12."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T14:16:14.550Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wd-google-analytics/vulnerability/wordpress-10webanalytics-plugin-1-2-12-broken-access-control-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress 10WebAnalytics plugin \u003c= 1.2.12 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-47807",
"datePublished": "2025-01-02T14:16:14.550Z",
"dateReserved": "2023-11-12T21:34:32.190Z",
"dateUpdated": "2025-01-02T14:44:50.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5020 (GCVE-0-2024-5020)
Vulnerability from cvelistv5
Published
2024-12-04 08:22
Modified
2026-04-08 17:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| extendthemes | Colibri Page Builder |
Version: 0 ≤ 1.0.286 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:02:27.273797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T14:09:09.188Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Colibri Page Builder",
"vendor": "extendthemes",
"versions": [
{
"lessThanOrEqual": "1.0.286",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Envira Gallery \u2013 Image Photo Gallery, Albums, Video Gallery, Slideshows \u0026 More",
"vendor": "smub",
"versions": [
{
"lessThanOrEqual": "1.8.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Accordion Slider",
"vendor": "bqworks",
"versions": [
{
"lessThanOrEqual": "1.9.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Getwid \u2013 Gutenberg Blocks",
"vendor": "jetmonsters",
"versions": [
{
"lessThanOrEqual": "2.0.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Firelight Lightbox",
"vendor": "firelightwp",
"versions": [
{
"lessThanOrEqual": "2.3.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Responsive Lightbox \u0026 Gallery",
"vendor": "dfactory",
"versions": [
{
"lessThanOrEqual": "2.4.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel",
"vendor": "shapedplugin",
"versions": [
{
"lessThanOrEqual": "2.6.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FancyBox for WordPress",
"vendor": "colorlibplugins",
"versions": [
{
"lessThanOrEqual": "3.3.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Visual Portfolio, Photo Gallery \u0026 Post Grid",
"vendor": "nko",
"versions": [
{
"lessThanOrEqual": "3.3.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Photo Gallery, Sliders, Proofing and Themes \u2013 NextGEN Gallery",
"vendor": "smub",
"versions": [
{
"lessThanOrEqual": "3.59.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WPC Smart Quick View for WooCommerce",
"vendor": "wpclever",
"versions": [
{
"lessThanOrEqual": "4.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Nexter Blocks \u2013 Gutenberg Blocks, Page Builder \u0026 AI Website Builder",
"vendor": "posimyththemes",
"versions": [
{
"lessThanOrEqual": "4.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Easy Social Feed Premium",
"vendor": "Easy Social Feed",
"versions": [
{
"lessThanOrEqual": "6.6.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FV Flowplayer Video Player",
"vendor": "foliovision",
"versions": [
{
"lessThanOrEqual": "7.5.47.7212",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin\u0027s bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:27:10.759Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d99d4b9a-aa09-434d-91a8-7afaa0e8b5db?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3150376/woo-smart-quick-view"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3153081/colibri-page-builder"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3157076/nextgen-gallery"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3158415/envira-gallery-lite"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3156791/form-maker"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3160432/visual-portfolio"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3161422/fv-wordpress-flowplayer"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3160232/easy-fancybox"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3161892/wp-carousel-free"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3173097/responsive-lightbox"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3175577%40getwid%2Ftrunk\u0026old=3119180%40getwid%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3186301%40fancybox-for-wordpress%2Ftrunk\u0026old=3058912%40fancybox-for-wordpress%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3169926/accordion-slider"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3306189%40the-plus-addons-for-block-editor\u0026new=3306189%40the-plus-addons-for-block-editor\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-13T17:22:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-12-03T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Multiple Plugins \u003c= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5020",
"datePublished": "2024-12-04T08:22:46.855Z",
"dateReserved": "2024-05-16T16:50:11.363Z",
"dateUpdated": "2026-04-08T17:27:10.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-10265 (GCVE-0-2024-10265)
Vulnerability from cvelistv5
Published
2024-11-10 12:30
Modified
2026-04-08 16:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.15.30. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.30 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-11T11:48:32.094450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-11T11:48:50.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.30",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "vgo0"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.15.30. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:35:49.711Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0fb1a2c2-581d-47ed-a180-9f70fdf79066?source=cve"
},
{
"url": "https://wordpress.org/plugins/form-maker/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/browser/form-maker/trunk/wd/includes/notices.php#L199"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3183170/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-10T00:07:43.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder \u003c= 1.15.30 - Reflected Cross-Site Scripting via add_query_arg Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-10265",
"datePublished": "2024-11-10T12:30:34.046Z",
"dateReserved": "2024-10-22T21:27:50.370Z",
"dateUpdated": "2026-04-08T16:35:49.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9878 (GCVE-0-2024-9878)
Vulnerability from cvelistv5
Published
2024-11-05 09:30
Modified
2026-04-08 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 0 ≤ 1.8.30 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-05T13:29:40.386095Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T13:29:57.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.30",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "tmrswrr"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:19:29.127Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bfa1192b-34f5-4b71-8fff-14f2d4ac4aca?source=cve"
},
{
"url": "https://packetstormsecurity.com/files/179357/WordPress-Photo-Gallery-1.8.26-Cross-Site-Scripting.html"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3180567%40photo-gallery%2Ftrunk\u0026old=3171538%40photo-gallery%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file12"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-04T21:24:54.000Z",
"value": "Disclosed"
}
],
"title": "Photo Gallery by 10Web \u003c= 1.8.30 - Authenticated (Administrator+) Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-9878",
"datePublished": "2024-11-05T09:30:58.925Z",
"dateReserved": "2024-10-11T18:12:37.932Z",
"dateUpdated": "2026-04-08T17:19:29.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9607 (GCVE-0-2024-9607)
Vulnerability from cvelistv5
Published
2024-10-25 06:51
Modified
2026-04-08 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Please note this is only exploitable when the leave a review notice is present.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | 10Web Social Post Feed |
Version: 0 ≤ 1.2.9 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:10web:10web_social_post_feed:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "10web_social_post_feed",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.2.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9607",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T20:13:57.055077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T20:15:42.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "10Web Social Post Feed",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.2.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "vgo0"
}
],
"descriptions": [
{
"lang": "en",
"value": "The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Please note this is only exploitable when the leave a review notice is present."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:19:07.322Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be151552-827c-43a6-a0e0-da19884448fd?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wd-facebook-feed/trunk/wd/includes/notices.php#L204"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-24T18:29:21.000Z",
"value": "Disclosed"
}
],
"title": "10Web Social Post Feed \u003c= 1.2.9 - Reflected Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-9607",
"datePublished": "2024-10-25T06:51:26.121Z",
"dateReserved": "2024-10-07T21:45:02.403Z",
"dateUpdated": "2026-04-08T17:19:07.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-44043 (GCVE-0-2024-44043)
Vulnerability from cvelistv5
Published
2024-10-06 11:58
Modified
2026-04-01 15:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through <= 1.8.27.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | Photo Gallery by 10Web |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-44043",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T12:30:02.638902Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T12:30:10.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "photo-gallery",
"product": "Photo Gallery by 10Web",
"vendor": "10Web",
"versions": [
{
"changes": [
{
"at": "1.8.28",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.8.27",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Robert DeVore | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:27:38.565Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.\u003cp\u003eThis issue affects Photo Gallery by 10Web: from n/a through \u003c= 1.8.27.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through \u003c= 1.8.27."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:35:01.033Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/photo-gallery/vulnerability/wordpress-photo-gallery-by-10web-mobile-friendly-image-gallery-plugin-1-8-27-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "WordPress Photo Gallery by 10Web plugin \u003c= 1.8.27 - Cross Site Scripting (XSS) vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-44043",
"datePublished": "2024-10-06T11:58:45.334Z",
"dateReserved": "2024-08-18T21:58:27.030Z",
"dateUpdated": "2026-04-01T15:35:01.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8633 (GCVE-0-2024-8633)
Vulnerability from cvelistv5
Published
2024-09-26 11:32
Modified
2026-04-08 16:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.27 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.27 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T12:59:51.877806Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T13:00:04.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joel Indra"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.27 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:43:39.596Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2b32cc12-c8d5-40b8-9510-42699beec581?source=cve"
},
{
"url": "https://wordpress.org/plugins/form-maker/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3156791/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-25T23:14:51.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker \u003c= 1.15.27 - Authenticated (Administrator+) Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-8633",
"datePublished": "2024-09-26T11:32:38.668Z",
"dateReserved": "2024-09-09T21:45:49.230Z",
"dateUpdated": "2026-04-08T16:43:39.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7150 (GCVE-0-2024-7150)
Vulnerability from cvelistv5
Published
2024-08-08 05:31
Modified
2026-04-08 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
The Slider by 10Web – Responsive Image Slider plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and including, 1.2.57 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Slider by 10Web – Responsive Image Slider |
Version: 0 ≤ 1.2.57 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:10web:slider:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "slider",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.2.57",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T13:08:33.043373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T13:10:20.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Slider by 10Web \u2013 Responsive Image Slider",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.2.57",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Slider by 10Web \u2013 Responsive Image Slider plugin for WordPress is vulnerable to time-based SQL Injection via the \u0027id\u0027 parameter in all versions up to, and including, 1.2.57 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:01:13.823Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74d635b6-2b4a-49af-af5c-6bfa1b5d220e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/slider-wd/tags/1.2.57/frontend/models/WDSModelSlider.php#L6"
},
{
"url": "https://wordpress.org/plugins/slider-wd/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3131688/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-07T17:31:41.000Z",
"value": "Disclosed"
}
],
"title": "Slider by 10Web \u2013 Responsive Image Slider \u003c= 1.2.57 - Authenticated (Contributor+) SQL Injection via id Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-7150",
"datePublished": "2024-08-08T05:31:46.098Z",
"dateReserved": "2024-07-26T22:24:06.490Z",
"dateUpdated": "2026-04-08T17:01:13.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-5481 (GCVE-0-2024-5481)
Vulnerability from cvelistv5
Published
2024-06-07 09:33
Modified
2026-04-08 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-35 - Path Traversal: '.../...//'
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 0 ≤ 1.8.23 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T18:35:17.646938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T18:36:39.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098798/"
},
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Wei\u00dfhaar"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:01:35.978Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098798/"
},
{
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-06T21:19:21.000Z",
"value": "Disclosed"
}
],
"title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5481",
"datePublished": "2024-06-07T09:33:36.357Z",
"dateReserved": "2024-05-29T18:04:13.803Z",
"dateUpdated": "2026-04-08T17:01:35.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-5426 (GCVE-0-2024-5426)
Vulnerability from cvelistv5
Published
2024-06-07 09:33
Modified
2026-04-08 16:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure Photo Gallery can be extended to contributors on pro versions of the plugin.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 0 ≤ 1.8.23 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T18:26:21.886773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T18:26:36.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13436238-f14a-445b-9a9b-fbcf23b7b498?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L521"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L542"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3098798/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.23",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tobias Wei\u00dfhaar"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018svg\u2019 parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure Photo Gallery can be extended to contributors on pro versions of the plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:36:37.012Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13436238-f14a-445b-9a9b-fbcf23b7b498?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L521"
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L542"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098798/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-06T21:15:26.000Z",
"value": "Disclosed"
}
],
"title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Zipped SVG"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5426",
"datePublished": "2024-06-07T09:33:35.276Z",
"dateReserved": "2024-05-27T19:35:22.878Z",
"dateUpdated": "2026-04-08T16:36:37.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-2258 (GCVE-0-2024-2258)
Vulnerability from cvelistv5
Published
2024-04-27 03:33
Modified
2026-04-08 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.24 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wordpress:form_maker_by_10web:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "form_maker_by_10web",
"vendor": "wordpress",
"versions": [
{
"lessThanOrEqual": "1.15.24",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2258",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T15:44:25.877484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:30:27.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:03:39.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af1075a5-9efa-4b86-9798-6dbafcba4db5?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3071515"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user\u0027s display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:15:29.153Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af1075a5-9efa-4b86-9798-6dbafcba4db5?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3071515"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-26T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker by 10Web \u003c= 1.15.24 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-2258",
"datePublished": "2024-04-27T03:33:35.216Z",
"dateReserved": "2024-03-07T09:55:25.687Z",
"dateUpdated": "2026-04-08T17:15:29.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32578 (GCVE-0-2024-32578)
Vulnerability from cvelistv5
Published
2024-04-18 09:30
Modified
2024-08-02 02:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | Slider by 10Web |
Version: n/a < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32578",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-24T14:34:36.613139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:50:11.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:13:39.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/slider-wd/wordpress-sliderby10web-plugin-1-2-54-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "slider-wd",
"product": "Slider by 10Web",
"vendor": "10Web",
"versions": [
{
"changes": [
{
"at": "1.2.55",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.2.54",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dimas Maulana (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Slider by 10Web allows Reflected XSS.\u003cp\u003eThis issue affects Slider by 10Web: from n/a through 1.2.54.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T09:30:05.885Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/slider-wd/wordpress-sliderby10web-plugin-1-2-54-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.2.55 or a higher version."
}
],
"value": "Update to 1.2.55 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Sliderby10Web plugin \u003c= 1.2.54 - Cross Site Scripting (XSS) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-32578",
"datePublished": "2024-04-18T09:30:05.885Z",
"dateReserved": "2024-04-15T10:15:58.902Z",
"dateUpdated": "2024-08-02T02:13:39.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2112 (GCVE-0-2024-2112)
Vulnerability from cvelistv5
Published
2024-04-09 18:58
Modified
2026-04-08 16:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.15.22 via the signature functionality. This makes it possible for unauthenticated attackers to extract sensitive data including user signatures.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
Version: 0 ≤ 1.15.22 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2112",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T18:46:58.101859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:29:48.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:03:38.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5652f9c3-3cc9-4541-8209-40117b4d25d9?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/form-maker/tags/1.15.22\u0026old=3057012\u0026new_path=/form-maker/tags/1.15.23\u0026new=3057012\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.15.22",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Coen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.15.22 via the signature functionality. This makes it possible for unauthenticated attackers to extract sensitive data including user signatures."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:53:39.391Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5652f9c3-3cc9-4541-8209-40117b4d25d9?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/form-maker/tags/1.15.22\u0026old=3057012\u0026new_path=/form-maker/tags/1.15.23\u0026new=3057012\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-22T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder \u003c= 1.15.22 - Sensitive Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-2112",
"datePublished": "2024-04-09T18:58:49.733Z",
"dateReserved": "2024-03-01T18:53:50.776Z",
"dateUpdated": "2026-04-08T16:53:39.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-2296 (GCVE-0-2024-2296)
Vulnerability from cvelistv5
Published
2024-04-06 08:38
Modified
2026-04-08 17:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 1.8.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. CVE-2024-29833 appears to be a duplicate of this issue.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery |
Version: 0 ≤ 1.8.21 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2296",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T13:21:57.910783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T19:30:42.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/994a044d-db69-4f2d-9027-cf3665446ed3?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3058445%40photo-gallery\u0026new=3058445%40photo-gallery\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.21",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jobert Krohnen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 1.8.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. CVE-2024-29833 appears to be a duplicate of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:10:50.258Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/994a044d-db69-4f2d-9027-cf3665446ed3?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3058445%40photo-gallery\u0026new=3058445%40photo-gallery\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://appcheck-ng.com/xss-vulnerabilities-discovered-10web-photogallery-wordpress-plugin/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-05T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery \u003c= 1.8.21 - Authenticated (Admin+) Stored Cross-Site Scripting via SVG"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-2296",
"datePublished": "2024-04-06T08:38:53.976Z",
"dateReserved": "2024-03-07T17:41:33.966Z",
"dateUpdated": "2026-04-08T17:10:50.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-31116 (GCVE-0-2024-31116)
Vulnerability from cvelistv5
Published
2024-03-31 18:15
Modified
2024-08-15 19:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | 10Web Map Builder for Google Maps |
Version: n/a < |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:10web:map_builder_for_google_maps:-:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "map_builder_for_google_maps",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.0.74",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31116",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T19:21:10.387522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T19:23:54.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:46:04.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/wd-google-maps/wordpress-10web-map-builder-for-google-maps-plugin-1-0-74-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wd-google-maps",
"product": "10Web Map Builder for Google Maps",
"vendor": "10Web",
"versions": [
{
"lessThanOrEqual": "1.0.74",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Muhammad Daffa (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in 10Web 10Web Map Builder for Google Maps.\u003cp\u003eThis issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-31T18:15:03.860Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/wd-google-maps/wordpress-10web-map-builder-for-google-maps-plugin-1-0-74-sql-injection-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress 10Web Map Builder for Google Maps plugin \u003c= 1.0.74 - SQL Injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-31116",
"datePublished": "2024-03-31T18:15:03.860Z",
"dateReserved": "2024-03-28T06:58:24.005Z",
"dateUpdated": "2024-08-15T19:23:54.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29833 (GCVE-0-2024-29833)
Vulnerability from cvelistv5
Published
2024-03-26 15:30
Modified
2024-08-02 16:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The image upload component allows SVG files and the regular expression used to remove script tags can be bypassed by using a Cross Site Scripting payload which does not match the regular expression; one example of this is the inclusion of whitespace within the script tag. An attacker must target an authenticated user with permissions to access this feature, however once uploaded the payload is also accessible to unauthenticated users.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | PhotoGallery |
Version: 1.0.1 ≤ 1.8.21 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:57.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://appcheck-ng.com/xss-vulnerabilities-discovered-10web-photogallery-wordpress-plugin/"
},
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:10web:photo_gallery:1.0.1:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "photo_gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.21",
"status": "affected",
"version": "1.0.1",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29833",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T16:46:02.579848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T16:46:09.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PhotoGallery",
"vendor": "10Web",
"versions": [
{
"lessThanOrEqual": "1.8.21",
"status": "affected",
"version": "1.0.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "AppCheck Ltd."
}
],
"descriptions": [
{
"lang": "en",
"value": "The image upload component allows SVG files and the regular expression used to remove script tags can be bypassed by using a Cross Site Scripting payload which does not match the regular expression; one example of this is the inclusion of whitespace within the script tag. An attacker must target an authenticated user with permissions to access this feature, however once uploaded the payload is also accessible to unauthenticated users."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63: Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-26T15:30:28.269Z",
"orgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
"shortName": "AppCheck"
},
"references": [
{
"url": "https://appcheck-ng.com/xss-vulnerabilities-discovered-10web-photogallery-wordpress-plugin/"
},
{
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "WordPress Photo Gallery Plugin \u003c= 1.8.21 Stored Cross Site Scripting in UploadHandler",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
"assignerShortName": "AppCheck",
"cveId": "CVE-2024-29833",
"datePublished": "2024-03-26T15:30:28.269Z",
"dateReserved": "2024-03-20T09:56:32.456Z",
"dateUpdated": "2024-08-02T16:46:09.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29810 (GCVE-0-2024-29810)
Vulnerability from cvelistv5
Published
2024-03-26 15:28
Modified
2024-08-02 16:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The thumb_url parameter of the AJAX call to the editimage_bwg action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the thumb_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. The attacker must target a an authenticated user with permissions to access this component to exploit this issue.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | PhotoGallery |
Version: 1.0.1 ≤ 1.8.21 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://appcheck-ng.com/xss-vulnerabilities-discovered-10web-photogallery-wordpress-plugin/"
},
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:10web:photo_gallery:1.0.1:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "photo_gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.21",
"status": "affected",
"version": "1.0.1",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29810",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T16:44:09.126871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T16:44:14.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PhotoGallery",
"vendor": "10Web",
"versions": [
{
"lessThanOrEqual": "1.8.21",
"status": "affected",
"version": "1.0.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "AppCheck Ltd."
}
],
"descriptions": [
{
"lang": "en",
"value": "The thumb_url parameter of the AJAX call to the editimage_bwg action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the thumb_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. The attacker must target a an authenticated user with permissions to access this component to exploit this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63: Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-26T15:28:58.519Z",
"orgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
"shortName": "AppCheck"
},
"references": [
{
"url": "https://appcheck-ng.com/xss-vulnerabilities-discovered-10web-photogallery-wordpress-plugin/"
},
{
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "WordPress Photo Gallery Plugin \u003c= 1.8.21 Reflected Cross Site Scripting in editimage_bwg thumb_url",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
"assignerShortName": "AppCheck",
"cveId": "CVE-2024-29810",
"datePublished": "2024-03-26T15:28:58.519Z",
"dateReserved": "2024-03-19T16:26:38.385Z",
"dateUpdated": "2024-08-02T16:44:14.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29809 (GCVE-0-2024-29809)
Vulnerability from cvelistv5
Published
2024-03-26 15:27
Modified
2024-08-02 16:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The image_url parameter of the AJAX call to the editimage_bwg action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the image_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. The attacker must target a an authenticated user with permissions to access this component to exploit this issue.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 10Web | PhotoGallery |
Version: 1.0.1 ≤ 1.8.21 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://appcheck-ng.com/xss-vulnerabilities-discovered-10web-photogallery-wordpress-plugin/"
},
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:10web:photo_gallery:1.0.1:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "photo_gallery",
"vendor": "10web",
"versions": [
{
"lessThanOrEqual": "1.8.21",
"status": "affected",
"version": "1.0.1",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29809",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T16:37:53.995247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T16:39:55.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PhotoGallery",
"vendor": "10Web",
"versions": [
{
"lessThanOrEqual": "1.8.21",
"status": "affected",
"version": "1.0.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "AppCheck Ltd."
}
],
"descriptions": [
{
"lang": "en",
"value": "The image_url parameter of the AJAX call to the editimage_bwg action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the image_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. The attacker must target a an authenticated user with permissions to access this component to exploit this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63: Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-26T15:27:56.092Z",
"orgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
"shortName": "AppCheck"
},
"references": [
{
"url": "https://appcheck-ng.com/xss-vulnerabilities-discovered-10web-photogallery-wordpress-plugin/"
},
{
"url": "https://wordpress.org/plugins/photo-gallery/#developers"
}
],
"title": "WordPress Photo Gallery Plugin \u003c= 1.8.21 Reflected Cross Site Scripting in editimage_bwg image_url",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c188fdb-58e1-4908-8fce-3e437b94f1ae",
"assignerShortName": "AppCheck",
"cveId": "CVE-2024-29809",
"datePublished": "2024-03-26T15:27:56.092Z",
"dateReserved": "2024-03-19T16:26:38.384Z",
"dateUpdated": "2024-08-02T16:39:55.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}