Published: 05/02/2024 Updated: 13/02/2024

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 0

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated malicious users to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
10web photo gallery

CWE-22 https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8fad-202bfc8a9918?source=cve https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L441 https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L291 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3022981%40photo-gallery%2Ftrunk&old=3013021%40photo-gallery%2Ftrunk&sfp_email=&sfph_mail=https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-0221

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect