Mmond

mmond

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Ungallery

ungallery

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-3582 1Mmond 1Ungallery Jun 17, 2026 May 14, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The UnGallery WordPress plugin through 2.2.4 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSR...Show more The UnGallery WordPress plugin through 2.2.4 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attackShow less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-3582

1Mmond

1Ungallery

Jun 17, 2026

May 14, 2024

N/A· v4

4.8 MEDIUM· v3

N/A· v2

The UnGallery WordPress plugin through 2.2.4 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSR...Show more