← back
CVE-2023-25060

WordPress Album and Image Gallery plus Lightbox plugin <= 1.6.2 - Broken Access Control vulnerability

CVSS 5.3 MEDIUMEPSS 0.6%CWE-862
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through 1.6.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected products
WP OnlineSupport, Essential Plugin · Album and Image Gallery plus Lightbox

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/wordpress/plugin/album-and-image-gallery-plus-lightbox/vulnerability/wordpress-album-and-image-gallery-plus-lightbox-plugin-1-6-2-broken-access-control?_s_id=cve