Fortinet Discovers WordPress Gallery Bank Plugin Cross-Site Scripting Vulnerability
Fortinet's FortiGuard Labs has discovered a cross-site scripting (XSS) vulnerability in WordPress Gallery Bank Plugin.
Gallery Bank is a powerful photo gallery plugin with over 10,000+ installations. It is designed with advanced features to showcase image galleries in the most beautiful and authentic way.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jun 06, 2022
Stop using this vulnerable plugin since it's not updated any more.
Fortinet reported the vulnerability on Oct 29, 2021
The issue escalated to WordPress Plugins Team on Nov 9, 2021
The Plugin closed by WordPress Plugins Team on Dec 9, 2021