CVE-2021-24529

CVE-2021-24529: Grid Gallery < 1.2.5 - Authenticated Stored Cross Site Scripting (XSS)

Vendor Unknown
Product Grid Gallery – Photo Image Grid Gallery
Weakness CWE-79 · XSS
Published August 23, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability.

Key dates

02Disclosure timeline

August 23, 2021 CVE published
August 3, 2024 Record updated