Vulnerabilities > Wppa Opajaap > WP Photo Album Plus > 5.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-05-10 | CVE-2013-3254 | Cross-Site Scripting vulnerability in Wppa.Opajaap Wp-Photo-Album-Plus 5.0.0/5.0.1/5.0.2 Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin before 5.0.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the commentid parameter in a wppa_manage_comments edit action. | 4.3 |