Vulnerabilities > Navz

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-27	CVE-2023-3957	Incorrect Authorization vulnerability in Navz ACF Photo Gallery Field The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apg_profile_update' function in versions up to, and including, 1.9. network low complexity navz CWE-863	4.3
2022-01-17	CVE-2021-24909	Cross-site Scripting vulnerability in Navz ACF Photo Gallery Field The ACF Photo Gallery Field WordPress plugin before 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute, leading to a Reflected Cross-Site Scripting issue network low complexity navz CWE-79	6.1

Vulnerabilities > Navz {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Navz"}]}