Unrated severityNVD Advisory· Published Jan 17, 2022· Updated Aug 3, 2024
ACF Photo Gallery Field < 1.7.5 - Reflected Cross-Site Scripting
CVE-2021-24909
Description
The ACF Photo Gallery Field WordPress plugin before 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute, leading to a Reflected Cross-Site Scripting issue
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/5855f1fe-28f6-4cd6-a83c-95c23d809b79mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.