WordPress Picture Gallery Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the WordPress Picture Gallery plugin, version 1.4.2. This vulnerability allows authenticated attackers to inject malicious JavaScript into the Edit Content URL field within the Access Control settings. The injected scripts are saved in the database and executed when the corresponding functionality is used, potentially leading to session hijacking or credential theft.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Reproduction

To reproduce this vulnerability, install WordPress version 5.8 and activate the Picture Gallery plugin version 1.4.2. Navigate to the Access Control tab in the plugin's options, and enter a JavaScript payload into the Edit Content URL input field. After saving the changes, the payload will be executed when the functionality is triggered.