CVERadar

CVE-2024-5343

Medium Severity

SVRS

30/100

CVSSv3

NA/10

EPSS

0.0082/1

The WordPress plugin vulnerability CVE-2024-5343 impacts the "Photo Gallery, Images, Slider in Rbs Image Gallery" plugin. This Cross-Site Request Forgery (CSRF) flaw allows unauthenticated attackers to create new posts and reset gallery view counts. The vulnerability exists in versions up to 3.2.19 due to insufficient nonce validation. With a SOCRadar Vulnerability Risk Score (SVRS) of 30, while not immediately critical, the potential for exploitation exists if attackers can socially engineer a Contributor+ level user. Successful exploitation could lead to unauthorized content creation and manipulation of gallery statistics. This represents a moderate security risk that should be addressed with an update.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

CVE-2024-5343 | robosoft Photo Gallery, Images, Slider in Rbs Image Gallery Plugin rbs_ajax_create_article/rbs_ajax_reset_views cross-site request forgery

vuldb.com2025-03-23

CVE-2024-5343 | robosoft Photo Gallery, Images, Slider in Rbs Image Gallery Plugin rbs_ajax_create_article/rbs_ajax_reset_views cross-site request forgery | A vulnerability was found in robosoft Photo Gallery, Images, Slider in Rbs Image Gallery Plugin up to 3.2.19 on WordPress. It has been declared as problematic. This vulnerability affects the function rbs_ajax_create_article/rbs_ajax_reset_views. The manipulation leads to cross-site request forgery. This vulnerability was named <a href="https://vuldb.com/?source_cve.268954

vuldb.com

rss

forum

news

Social Media

CRAC Learning - Tech

@cracbot

2024-06-21

CVE-2024-5343 (CVSS:8.8, HIGH) is Awaiting Analysis. The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery ..https://t.co/ZZVCJvNBUI #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

CVEFind.com

@CveFindCom

2024-06-19

[CVE-2024-5343: HIGH] Vulnerability alert: Rbs Image Gallery plugin for WordPress up to version 3.2.19 is prone to Cross-Site Request Forgery, enabling attackers to manipulate gallery content and view counts via f...#cybersecurity,#vulnerability https://t.co/2CVwOZwfCz https://t.co/NOqZs2puA0

Affected Software

No affected software found for this CVE

References

Reference	Link
[email protected]	https://plugins.trac.wordpress.org/browser/robo-gallery/tags/3.2.19/includes/extensions/rbs_create_post_ajax.php#L247
[email protected]	https://plugins.trac.wordpress.org/browser/robo-gallery/tags/3.2.19/includes/extensions/rbs_create_post_ajax.php#L94
[email protected]	https://plugins.trac.wordpress.org/browser/robo-gallery/tags/3.2.19/includes/rbs_gallery_ajax.php#L19
[email protected]	https://plugins.trac.wordpress.org/changeset/3100759/
[email protected]	https://www.wordfence.com/threat-intel/vulnerabilities/id/045fbe5b-0e63-4820-97a7-017dd72eb73a?source=cve

CWE Details

No CWE details found for this CVE

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence