LionSher-Technologies/envira-gallery-lite

LionSher-Technologies/envira-gallery-lite

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-35581 ↗	Jan 15, 2021Friday, 15 January 2021, 07:15	5.4 MEDIUM	3.5 LOW
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/admin-ajax.php request with the meta[title] parameter.
CVE-2020-35582 ↗	Jan 15, 2021Friday, 15 January 2021, 07:15	5.4 MEDIUM	3.5 LOW
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_title parameter.