CVE-2024-33586Missing Authorization in Photo Gallery

CWE-862Missing Authorization3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 63.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
10web Photo GalleryPhoto Gallery Team Photo Gallery BY 10web
Timeline
PublishedApr 29

Description

Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a through 1.8.20.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVD10web/photo_gallery< 1.8.21

🔴Vulnerability Details

2
CVEList
WordPress Photo Gallery by 10Web plugin <= 1.8.20 - Broken Access Control vulnerability2024-04-29
GHSA
GHSA-q3mj-8r6m-xx6h: Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web2024-04-29
CVE-2024-33586 — Missing Authorization in Photo Gallery | cvebase