Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Wp Photo Album Plus Project Subscribe
Filtered by product Wp Photo Album Plus
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-49813 1 Wp Photo Album Plus Project 1 Wp Photo Album Plus 2024-11-21 N/A 7.1 HIGH
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.
CVE-2021-25115 1 Wp Photo Album Plus Project 1 Wp Photo Album Plus 2024-11-21 3.5 LOW 6.4 MEDIUM
The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.