CVE-2024-10102

{"id": "CVE-2024-10102", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.2}]}, "published": "2025-01-07T06:15:13.730", "references": [{"url": "https://wpscan.com/vulnerability/3b34d1ec-5370-40a8-964e-663f4f9f42f8/", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/3b34d1ec-5370-40a8-964e-663f4f9f42f8/", "tags": ["Exploit", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not sanitise and escape some of its Gallery settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks"}, {"lang": "es", "value": "Photo Gallery, Images, Slider en Rbs Image Gallery WordPress del complemento de WordPress anterior a la versi\u00f3n 3.2.22 no desinfecta ni evita algunas de las configuraciones de la galer\u00eda, lo que podr\u00eda permitir que usuarios con privilegios elevados, como los colaboradores, realicen ataques de cross site scripting almacenado"}], "lastModified": "2025-05-14T13:46:19.723", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:robosoft:robo_gallery:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "43FD59BA-9D8A-4DC6-9F8D-DA91C952B93C", "versionEndExcluding": "3.2.22"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}