Fortinet Discovers WordPress Modula Image Gallery Stored XSS Vulnerability
Fortinet's FortiGuard Labs has discovered a stored cross-site scripting (XSS) vulnerability in the WordPress Modula Image Gallery plugin.
Modula is the best WordPress gallery plugin for adding custom, unique and responsive galleries to your website. There are a free version of Modula available (Modula Lite) and a premium version (Modula Pro) both of which allow you to add amazing, fast-loading galleries to your website.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Feb 13, 2020
Users should update the plugin to the latest version (2.2.5).
Fortinet reported the vulnerability to MachoThemes on February 12, 2020
MachoThemes confirmed the vulnerability on February 12, 2020
MachoThemes patched the vulnerability on February 13, 2020
This vulnerability was discovered by Vishnupriya Ilango of Fortinet's FortiGuard Labs.