Vulnerability Details CVE-2022-38135
Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.6%
CVSS Severity
CVSS v3 Score 5.4
References
- https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
- https://wordpress.org/plugins/photospace/
- https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
- https://wordpress.org/plugins/photospace/
Products affected by CVE-2022-38135
-
cpe:2.3:a:photospace_gallery_project:photospace_gallery:-
-
cpe:2.3:a:photospace_gallery_project:photospace_gallery:2.3.5