IQID:14380 HTTP WordPress Image Gallery Plugin Cross Site Scripting Vulnerability (From Server) S

IQID: 14380 - December 2016

Image Gallery plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the admin.php script. A remote authenticated attacker could exploit this vulnerability using the sl_url11 parameter in a POST request to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

A Full Description is available for this threat, please sign in for access to Full Description.

 

Attack Data

Attack Data is available for this threat, please sign in for access to Attack Data.

 

CVSS Information

CVSS Information is available for this threat, please sign in for access to CVSS Information.

 

Date

Date Information is available for this threat, please sign in for access to Date Information.

 

External Resources

External resources are available for this threat, please sign in for access to external resources.