Security Advisory

CVE-2023-6742

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-11 08:32:32

Last updated 2026-04-08 16:48:22

Assigner Wordfence

State PUBLISHED

Description

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the envira_gallery_insert_images function in all versions up to, and including, 1.8.7.1. This makes it possible for authenticated attackers, with contributor access and above, to modify galleries on other users posts.

← Browse all CVEs View on cve.org ↗