CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Michalaugustyniak: >> Misiek Photo Album Security Vulnerabilities

CVE-2024-7817

The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF checks in some places, which could allow attackers to make logged in users delete arbitrary albums via a CSRF attack

CVSS Score

6.5

EPSS Score

0.0

Published

2024-09-12

CVE-2024-7818

The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.

CVSS Score

6.1

EPSS Score

0.001

Published

2024-09-12

Page 1

Vulnerabilities

Vulnerable Software

Michalaugustyniak: >> Misiek Photo Album Security Vulnerabilities

Products

Pricing

Contact Us