CVE-2023-25988
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Dec 13, 2024
CWE ID 862
Summary
CVE-2023-25988 is a missing authorization vulnerability affecting Video Gallery by Total-Soft, specifically the YouTube Gallery component. this issue allows unauthorized access to content due to incorrectly configured access control security levels. The vulnerability can impact all versions of Video Gallery – YouTube Gallery from n/a through 1.7.6. Successful exploitation could result in unauthorized access to sensitive video content. Users are encouraged to update to the latest version of the software to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Video Gallery Plugin