cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-2568,https://securityvulnerability.io/vulnerability/CVE-2023-2568,Photo Gallery by Ays < 5.1.7 - Reflected XSS,"The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin",Wordpress,Photo Gallery By Ays,6.1,MEDIUM,0.0007200000109151006,false,,false,false,false,,false,false,2023-06-12T18:15:00.000Z,0
CVE-2021-24462,https://securityvulnerability.io/vulnerability/CVE-2021-24462,Photo Gallery by Ays - Responsive Image Gallery < 4.4.4 - Authenticated Blind SQL Injections,"The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard",Wordpress,Photo Gallery By Ays – Responsive Image Gallery,8.8,HIGH,0.001129999989643693,false,,false,false,false,,false,false,2021-08-02T10:32:08.000Z,0