{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T08:42:54.566","vulnerabilities":[{"cve":{"id":"CVE-2021-24357","sourceIdentifier":"contact@wpscan.com","published":"2021-06-14T14:15:08.877","lastModified":"2024-11-21T05:52:54.457","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Best Image Gallery & Responsive Photo Gallery – FooGallery WordPress plugin before 2.0.35, the Custom CSS field of each gallery is not properly sanitised or validated before being being output in the page where the gallery is embed, leading to a stored Cross-Site Scripting issue."},{"lang":"es","value":"En el plugin de WordPress Best Image Gallery & Responsive Photo Gallery versiones anteriores a 2.0.35, el campo CSS personalizado de cada galería no es saneado o comprobado apropiadamente antes de aparecer en la página en la que la galería es insertada, conllevando a un problema de tipo Cross-Site Scripting almacenado"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"contact@wpscan.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fooplugins:foogallery:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"2.0.35","matchCriteriaId":"2A86006E-2F54-42E1-8043-A25D3C23481E"}]}]}],"references":[{"url":"https://wpscan.com/vulnerability/950f46ae-4476-4969-863a-0e55752953b3","source":"contact@wpscan.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://wpscan.com/vulnerability/950f46ae-4476-4969-863a-0e55752953b3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}