The Image Photo Gallery Final Tiles Grid WordPress plugin prior to 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
machothemes image photo gallery final tiles grid |