The Photos and Files Contest Gallery WordPress plugin prior to 21.2.8.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
contest-gallery contest gallery |