Medium severity4.8NVD Advisory· Published Sep 11, 2024· Updated Jun 17, 2026
CVE-2024-3899
CVE-2024-3899
Description
The Gallery Plugin for WordPress WordPress plugin before 1.8.15 does not sanitise and escape some of its image settings, which could allow users with post-writing privilege such as Author to perform Cross-Site Scripting attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <1.8.15
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/e3afadda-4d9a-4a51-b744-10de7d8d8578/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.