CVE-2021-31693
Published 2022-11-29
Priority P4 · 23 · medium · 6.1 CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.41% (32.7th percentile)
The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows XSS via album_gallery_id_0, bwg_album_search_0, and type_0 for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-46889. NOTE: VMware information, previously connected to this CVE ID because of a typo, is at CVE-2022-31693.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 10web | photo_gallery | <= 1.5.69 | — |
| 10web | photo_gallery | <= 1.5.68 | — |
GHSA
GHSA-6fq7-325c-xvfq: The 10Web Photo Gallery plugin through 1
ghsa_unreviewed·2023-06-07·CVSS 6.1
CVE-2021-46889 [MEDIUM] CWE-79 GHSA-6fq7-325c-xvfq: The 10Web Photo Gallery plugin through 1
The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693.
GHSA
GHSA-8624-7rmq-755f: VMware Tools for Windows (12
ghsa_unreviewed·2022-11-29
CVE-2021-31693 [MEDIUM] CWE-79 GHSA-8624-7rmq-755f: VMware Tools for Windows (12
VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.