VYPR

Justified Gallery

by WordPress

Source repositories

CVEs (2)

  • CVE-2022-4651MedJan 30, 2023
    risk 0.35cvss 5.4epss 0.00

    The Justified Gallery WordPress plugin before 1.7.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.

  • CVE-2023-40213MedDec 13, 2024
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Mateusz Czardybon Justified Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Justified Gallery: from n/a through 1.7.3.