Security Advisory

CVE-2025-0613

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-31 06:00:01

Last updated 2025-03-31 14:59:55

Assigner WPScan

State PUBLISHED

Description

The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed

← Browse all CVEs View on cve.org ↗