Cross-Site Scripting Vulnerability in Photoblocks Grid Gallery Plugin for WordPress
CVE-2019-15829
4.8MEDIUM
What is CVE-2019-15829?
The Photoblocks Grid Gallery plugin for WordPress is affected by a Cross-Site Scripting (XSS) vulnerability. This issue exists in the admin interface, specifically at the endpoint 'wp-admin/admin.php?page=photoblocks-edit&id=' which fails to properly validate user input. As a result, malicious users can exploit this vulnerability to inject arbitrary JavaScript code into the web pages viewed by other users, leading to potential data theft or unauthorized actions within the application.