Unrated severityNVD Advisory· Published Jun 21, 2020· Updated Aug 4, 2024
CVE-2020-14962
CVE-2020-14962
Description
Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before 3.4.19 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Title (aka imageTitle) or Caption (aka description) field of an image to wp-admin/admin-ajax.php.
Affected products
2- WordPress/Final Tiles Gallery plugindescription
- Range: <3.4.19
Patches
Vulnerability mechanics
References
1- wpvulndb.com/vulnerabilities/10241mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.