← volver
CVE-2023-25060

WordPress Album and Image Gallery plus Lightbox plugin <= 1.6.2 - Broken Access Control vulnerability

CVSS 5.3 MEDIUMEPSS 0.6%CWE-862
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through 1.6.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Productos afectados
WP OnlineSupport, Essential Plugin · Album and Image Gallery plus Lightbox

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://patchstack.com/database/wordpress/plugin/album-and-image-gallery-plus-lightbox/vulnerability/wordpress-album-and-image-gallery-plus-lightbox-plugin-1-6-2-broken-access-control?_s_id=cve