cbcvebase.

J.N Breetvelt A.K.A Opajaap Wp Photo Album Plus vulnerabilities

7 known vulnerabilities affecting j.n_breetvelt_a.k.a_opajaap/wp_photo_album_plus.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL2HIGH1MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2024-31286P1CRITICALCVSS 9.9Exploited≥ n/a, < 8.6.03.0052024-04-07
CVE-2024-31286 [CRITICAL] CWE-434 CVE-2024-31286: Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Ph Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005.
nvd
CVE-2024-31377P2CRITICALCVSS 10.0≥ n/a, ≤ 8.7.01.0012024-05-14
CVE-2024-31377 [CRITICAL] CWE-434 CVE-2024-31377: Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Ph Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.7.01.001.
nvd
CVE-2023-49812P3HIGHCVSS 7.5≥ n/a, ≤ 8.5.02.0052023-12-19
CVE-2023-49812 [HIGH] CWE-639 CVE-2023-49812: Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP P Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.
nvd
CVE-2024-38713P4MEDIUMCVSS 6.5≥ n/a, ≤ 8.8.02.0022024-07-20
CVE-2024-38713 [MEDIUM] CWE-79 CVE-2024-38713: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002.
nvd
CVE-2023-49774P4MEDIUMCVSS 5.3≥ n/a, ≤ 8.5.02.0052024-06-04
CVE-2023-49774 [MEDIUM] CWE-200 CVE-2023-49774: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. Op Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.
nvd
CVE-2023-49813P4MEDIUMCVSS 6.1≥ n/a, ≤ 8.5.02.0052023-12-14
CVE-2023-49813 [MEDIUM] CWE-79 CVE-2023-49813: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005.
nvd
CVE-2024-37416P4MEDIUMCVSS 6.1≥ n/a, ≤ 8.8.00.0022024-07-22
CVE-2024-37416 [MEDIUM] CWE-79 CVE-2024-37416: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Reflected XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.00.002.
nvd
J.N Breetvelt A.K.A Opajaap Wp Photo Album Plus vulnerabilities | cvebase