Vulnerability Details CVE-2022-0873
The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album's name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.9%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2022-0873
-
cpe:2.3:a:codeasily:gmedia_gallery:1.10.03
-
cpe:2.3:a:codeasily:gmedia_gallery:1.10.04
-
cpe:2.3:a:codeasily:gmedia_gallery:1.10.05
-
cpe:2.3:a:codeasily:gmedia_gallery:1.10.06
-
cpe:2.3:a:codeasily:gmedia_gallery:1.10.07
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.1
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.6
-
cpe:2.3:a:codeasily:gmedia_gallery:1.11.7
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.1
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.10
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.11
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.12
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.6
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.7
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.8
-
cpe:2.3:a:codeasily:gmedia_gallery:1.12.9
-
cpe:2.3:a:codeasily:gmedia_gallery:1.13.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.13.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.13.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.13.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.14.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.14.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.14.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.14.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.14.7
-
cpe:2.3:a:codeasily:gmedia_gallery:1.15.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.15.1
-
cpe:2.3:a:codeasily:gmedia_gallery:1.15.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.15.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.15.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.6
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.7
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.8
-
cpe:2.3:a:codeasily:gmedia_gallery:1.16.9
-
cpe:2.3:a:codeasily:gmedia_gallery:1.17.1
-
cpe:2.3:a:codeasily:gmedia_gallery:1.17.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.17.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.17.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.17.6
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.6
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.7
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.8
-
cpe:2.3:a:codeasily:gmedia_gallery:1.18.9
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.1
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.6
-
cpe:2.3:a:codeasily:gmedia_gallery:1.19.7
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.0
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.1
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.10
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.11
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.12
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.13
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.14
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.15
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.17
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.18
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.19
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.2
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.20
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.3
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.4
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.5
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.6
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.7
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.8
-
cpe:2.3:a:codeasily:gmedia_gallery:1.9.9