CVE-2022-0750

{"id": "CVE-2022-0750", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 3.1}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2022-03-23T20:15:10.297", "references": [{"url": "https://wordpress.org/plugins/photoswipe-masonry/", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://www.wordfence.com/blog/2022/02/stored-cross-site-scripting-vulnerability-patched-in-a-wordpress-photo-gallery-plugin/", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64624d4c-3ffb-4516-a938-0accde24c79f?source=cve", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://wordpress.org/plugins/photoswipe-masonry/", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.wordfence.com/blog/2022/02/stored-cross-site-scripting-vulnerability-patched-in-a-wordpress-photo-gallery-plugin/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64624d4c-3ffb-4516-a938-0accde24c79f?source=cve", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the thumbnail_width, thumbnail_height, max_image_width, and max_image_height parameters found in the ~/photoswipe-masonry.php file which allows authenticated attackers to inject arbitrary web scripts into galleries created by the plugin and on the PhotoSwipe Options page. This affects versions up to and including 1.2.14."}, {"lang": "es", "value": "El plugin Photoswipe Masonry Gallery de WordPress es vulnerable a un ataque de tipo Cross-Site Scripting debido a una insuficiencia de escape y saneo de los par\u00e1metros thumbnail_width, thumbnail_height, max_image_width y max_image_height que se encuentran en el archivo ~/photoswipe-masonry.php, lo que permite a atacantes autenticados inyectar scripts web arbitrarios en las galer\u00edas creadas por el plugin y en la p\u00e1gina PhotoSwipe Options. Esto afecta a las versiones hasta 1.2.14 incluy\u00e9ndola"}], "lastModified": "2025-05-05T17:17:32.720", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:thriveweb:photoswipe_masonry_gallery:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "769DA9F2-35D7-49B1-8CD4-27B549CEF223", "versionEndExcluding": "1.2.15"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}