Vulnerabilities > CVE-2022-4060 - Unspecified vulnerability in Odude User Post Gallery 2.19

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

odude

critical

NVD

Published: 2023-01-16

Updated: 2023-11-07

Summary

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it.

Vulnerable Configurations

Part	Description	Count
Application	Odude Odude User Post Gallery 2.19	1

References

https://wpscan.com/vulnerability/8f982ebd-6fc5-452d-8280-42e027d01b1e