Description
Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) a parameter in i.php, and the (2) album and (3) image parameters in index.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Slimstat Analytics Multiple Vulnerabilities (5.0.9)
Oracle JRE CVE-2014-0463 Vulnerability (CVE-2014-0463)
WordPress Plugin Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0)
OpenSSL Missing Cryptographic Step Vulnerability (CVE-2025-69418)
WordPress Plugin YITH WooCommerce Advanced Reviews Security Bypass (1.3.9)