Published on September 10th, 2019
WordPress Plugin Photo Gallery 1.5.34 – Cross-Site Scripting (2)
# Exploit Title: WordPress Plugin Photo Gallery by 10Web <img src=a onerror='alert(2);'
4. Click Save.
5. A pop-up will appear, confirming the existence of the XSS vulnerability.
# Timeline
09-01-2019 - Vulnerability Reported
09-03-2019 - Vendor responded
09-04-2019 - New version released (1.5.35)
09-10-2019 - Full Disclosure
# References:
Photo Gallery by 10Web – Mobile-Friendly Image Gallery
https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Options.php?old=2142624&old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FOptions.php
https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/js/bwg.js?old=2135029&old_path=photo-gallery%2Ftrunk%2Fjs%2Fbwg.js
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16118
https://www.exploit-db.com/exploits/47373