Vulnerabilities > Plugins360 > ALL IN ONE Video Gallery > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-24 | CVE-2024-6629 | Cross-site Scripting vulnerability in Plugins360 All-In-One Video Gallery The All-in-One Video Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video shortcode in all versions up to, and including, 3.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |