Vulnerability Description
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
CVSS Score
8.8
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 10Web | Photo Gallery | < 1.2.42 |
Related Weaknesses (CWE)
References
- https://wordpress.org/plugins/photo-gallery/#developersProductThird Party Advisory
- https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/Issue TrackingThird Party Advisory
- https://wpvulndb.com/vulnerabilities/7225Third Party Advisory
- https://wordpress.org/plugins/photo-gallery/#developersProductThird Party Advisory
- https://wordpress.org/support/topic/this-plugin-is-reported-as-vulnerable/Issue TrackingThird Party Advisory
- https://wpvulndb.com/vulnerabilities/7225Third Party Advisory
FAQ
What is CVE-2015-9380?
CVE-2015-9380 is a vulnerability with a CVSS score of 8.8 (HIGH). The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
How severe is CVE-2015-9380?
CVE-2015-9380 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-9380?
Check the references section above for vendor advisories and patch information. Affected products include: 10Web Photo Gallery.