cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-0764,https://securityvulnerability.io/vulnerability/CVE-2023-0764,Gallery by BestWebSoft < 4.7.0 - Author+ Stored Cross-Site Scripting,"The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scripting vulnerability. The attacker must have at least the privileges of the Author role.",Wordpress,Gallery by BestWebSoft,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2023-04-17T13:15:00.000Z,0
CVE-2023-0765,https://securityvulnerability.io/vulnerability/CVE-2023-0765,Gallery by BestWebSoft < 4.7.0 - Author+ SQL Injection,"The Gallery plugin by BestWebSoft for WordPress prior to version 4.7.0 contains a flaw that allows for Blind SQL Injection. This occurs because the plugin fails to properly escape user inputs in SQL queries. For exploitation, an attacker needs to have at least Author privileges and, specifically, the vulnerable Slider plugin must also be installed on the same site. This vulnerability can lead to unauthorized access to database information, escalating risks for WordPress site owners.",Wordpress,Gallery by BestWebSoft,8.8,HIGH,0.001230000052601099,false,,false,false,false,,false,false,2023-04-17T13:15:00.000Z,0