Medium severity4.8NVD Advisory· Published Jun 1, 2021· Updated Jun 17, 2026
CVE-2021-24310
CVE-2021-24310
Description
The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery in the admin dashboard. This is due to an incomplete fix of CVE-2019-16117
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.5.67
- 10Web/Photo Gallery by 10Web – Mobile-Friendly Image Galleryv5Range: 1.5.67
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/f34096ec-b1b0-471d-88a4-4699178a3165nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.