CVE-2023-25060

MEDIUM

Album and Image Gallery plus Lightbox < 1.6.2 - Missing Authorization

Title source: llm
STIX 2.1

Description

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through 1.6.2.

Scores

CVSS v3 5.3
EPSS 0.0056
EPSS Percentile 42.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-862
Status published
Products (1)
WP OnlineSupport, Essential Plugin/Album and Image Gallery plus Lightbox < 1.6.2
Published Dec 09, 2024
Tracked Since Feb 18, 2026