Medium severity4.8NVD Advisory· Published Jun 8, 2022· Updated Jun 17, 2026
CVE-2022-1394
CVE-2022-1394
Description
The Photo Gallery by 10Web WordPress plugin before 1.6.4 does not properly validate and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- 10Web/Photo Gallery by 10Webdescription
- Range: <1.6.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/f7a0df37-3204-4926-84ec-2204a2f22de3nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.