{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T17:35:17.751","vulnerabilities":[{"cve":{"id":"CVE-2024-37442","sourceIdentifier":"audit@patchstack.com","published":"2024-07-09T11:15:14.697","lastModified":"2024-11-21T09:23:51.123","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.1."},{"lang":"es","value":" La neutralización incorrecta de elementos especiales en la salida utilizada por una vulnerabilidad de componente posterior ('inyección') en Photo Gallery Team Photo Gallery by Ays permite la inyección de código. Este problema afecta a Photo Gallery by Ays: desde n/a antes de 5.7.1."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":4.2}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ays-pro:photo_gallery:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"5.7.1","matchCriteriaId":"F13CA93E-BC2B-487D-97CE-23C65B765635"}]}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-7-1-html-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]},{"url":"https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-7-1-html-injection-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}