CVE-2022-4060

Published: Jan 16, 2023Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it.

Affected (1)

Products: Odude: User Post Gallery

Odude

1 product

User Post Gallery

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Odude User Post Gallery	Up to 2.19

References (2)

https://wpscan.com/vulnerability/8f982ebd-6fc5-452d-8280-42e027d01b1e

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/8f982ebd-6fc5-452d-8280-42e027d01b1e

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.