WP Photo Album Plus, CVE-2021-25115

CVE, Research URL: CVE-2021-25115
Home page URL: Security reports for WP Photo Album Plus
Application: WP Photo Album Plus
Published on: Feb 14, 2022
Research Description: The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel.
Affected versions: max 8.0.10.
Status: vulnerable