VYPR
Unrated severityNVD Advisory· Published Feb 14, 2022· Updated Aug 3, 2024

WP Photo Album Plus < 8.0.10 - Stored Cross-Site Scripting (XSS)

CVE-2021-25115

Description

The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.