Picture Gallery
Approved changes feed: RSS · Atom
cpe:2.3:a:videowhisper:picture_gallery:1.4.2:*:*:*:*:*:*:*
part: a version: 1.4.2 update: *
| Vendor | Videowhisper (3fa34018-7a89-5b29-a930-e9dcfd4be8ec) |
|---|---|
| Product | Picture Gallery (310d4bba-827d-53f3-8018-9f36cdfff3ca) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-47951 |
vulnerable | 2026-06-03 14:45:47.422780 |
WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL
MEDIUM (6.4)
WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Edit Content URL field in the Access Control settings. Attackers can enter JavaScript payloads in the plugin options that are stored in the database and executed when the functionality is triggered, enabling session hijacking or credential theft.
Published: 2026-05-10T12:52:12.438Z
Updated: 2026-05-24T01:37:13.013Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.