CVE-2025-0613 Information

Description

The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users leading to an Unauthenticated Stored-XSS attack when comments are displayed

Reference

https://wpscan.com/vulnerability/22be2b44-cd42-4b02-8448-59dd2989dde1/