Vulnerabilities > CVE-2022-38135 - Unspecified vulnerability in Photospace Gallery Project Photospace Gallery 2.3.5

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

photospace-gallery-project

NVD

Published: 2022-09-12

Updated: 2023-06-27

Summary

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings.

Vulnerable Configurations

Part	Description	Count
Application	Photospace_Gallery_Project Photospace Gallery Project Photospace Gallery - Photospace Gallery Project Photospace Gallery 2.3.5	2

References

https://wordpress.org/plugins/photospace/
https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability