Description
Cross-Site Request Forgery (CSRF) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_confirm
https://patchstack.com/database/vulnerability/photoblocks-grid-gallery/wordpress-gallery-photoblocks-plugin-1-2-6-cross-site-request-forgery-csrf-vulnerabilities
Product, Third Party Advisory x_refsource_confirm
https://wordpress.org/plugins/photoblocks-grid-gallery/
Scores
CVSS v3
5.4
EPSS
0.0031
EPSS Percentile
22.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-352
Status
published
Products (2)
WPChill/Gallery PhotoBlocks (WordPress plugin)
<= 1.2.6 - 1.2.6
wpchill/gallery_photoblocks
< 1.2.6
Published
Aug 23, 2022
Tracked Since
Feb 18, 2026