Medium severity5.4NVD Advisory· Published Aug 30, 2021· Updated Jun 17, 2026
CVE-2021-24667
CVE-2021-24667
Description
A stored cross-site scripting vulnerability has been discovered in : Simply Gallery Blocks with Lightbox (Version – 2.2.0 & below). The vulnerability exists in the Lightbox functionality where a user with low privileges is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to insufficient validation of image parameters in meta data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=2.2.0+ 1 more
- (no CPE)range: <=2.2.0
- (no CPE)range: <=2.2.0
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/5925b263-6d6f-4a03-a98a-620150dff8f7nvdThird Party Advisory
- www.fortiguard.com/zeroday/FG-VD-21-060nvdThird Party Advisory
News mentions
0No linked articles in our index yet.