The WP Easy Gallery plugin is vulnerable to an attack called Stored Cross-Site Scripting. This type of attack affects versions of the plugin before 4.1.5 and can allow someone with access to inject malicious web scripts into a page. When a victim visits the page, the script will execute. To protect against this type of attack, users should update to version 4.1.5 or later.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
