cleantalk
Vulnerabilities and Security Researches

Photo Engine (Media Organizer & Lightroom), CVE-2024-39660

CVE, Research URL

CVE-2024-39660

Home page URL

Security reports for Photo Engine (Media Organizer & Lightroom)

Application

Photo Engine (Media Organizer & Lightroom)

Published on
Aug 02, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jordy Meow Photo Engine allows Stored XSS.This issue affects Photo Engine: from n/a through 6.3.1.
Affected versions
Min -, max 6.3.2.
Status
vulnerable
Previous vulnerability researches
Photo Engine (Media Organizer & Lightroom) (CVE-2025-54672) , Aug 01, 2025
Photo Engine (Media Organizer & Lightroom) (CVE-2024-43332) , Aug 20, 2024
Photo Engine (Media Organizer & Lightroom) (CVE-2024-39660) , Aug 02, 2024
Photo Engine (Media Organizer & Lightroom) (CVE-2023-38513) , Jun 07, 2024
New vulnerability
Google Map Targeting (CVE-2025-52732) , Aug 04, 2025
WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin (CVE-2025-8152) , Aug 04, 2025
One Click Demo Import , Aug 04, 2025
My Reservation System (CVE-2025-7022) , Aug 02, 2025
Connector for Gravity Forms and Google Sheets (CVE-2025-54682) , Aug 02, 2025