{
  "id": "CVE-2024-1487",
  "sourceIdentifier": "contact@wpscan.com",
  "published": "2024-03-11T18:15:18.057",
  "lastModified": "2024-03-12T12:40:13.500",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks."
    },
    {
      "lang": "es",
      "value": "El complemento de WordPress de Photos and Files Contest Gallery anterior a 21.3.1 no sanitiza ni escapa a algunos par\u00e1metros, lo que podr\u00eda permitir a los usuarios con un rol tan bajo como el de autor realizar ataques de Cross-Site Scripting."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://wpscan.com/vulnerability/c028cd73-f30a-4c8b-870f-3071055f0496/",
      "source": "contact@wpscan.com"
    }
  ]
}