CVE-2023-35780

WordPress Galleria Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Andy Whalen Galleria plugin <= 1.0.3 versions.

We have discovered 104 live websites that are affected by CVE-2023-35780.

Affected Software


Product	Galleria
Category	jQuery Plugins
Vulnerable Versions	from 0 through 1.0.3
Total Vulnerable Versions	39
Vulnerable Domains	104 live websites (0.43% of Galleria install base)

Common Weakness Enumeration

CWE-352 Cross-Site Request Forgery (CSRF)

Available Reports

Website List

Details

Published - Jul 11, 2023
Updated - Jul 11, 2023

Credits

LEE SE HYOUNG (Patchstack Alliance) (finder)

CWE

CWE-352

CVE References

CWE References

cwe.mitre.org

Countries

United States	35 websites

Germany	9 websites
GB	7 websites
Italy	6 websites
Brazil	5 websites
Canada	5 websites
Hungary	5 websites
France	4 websites
Japan	4 websites
Spain	3 websites

TLDs

.com	38 websites
.org	17 websites
.de	5 websites
.ca	3 websites
.com.br	3 websites
.it	3 websites
.net	3 websites
.at	2 websites
.co.jp	2 websites
.co.uk	2 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

References

https://patchstack.com/database/vulnerability/galleria/wordpress-galleria-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Websites affected by CVE-2023-35780

Top websites that are affected by CVE-2023-35780. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
*************.com	United States	*,*
*.*.br	Brazil	*,*
****.org	United States	*,*
***.****.cl	Chile	*,*
*.***********.gr	Greece	*,*
*.*******.at	Austria	*,*
*.***..jp	Japan	*,*
*.***********.it	Italy	*,*
*******.com	United States	*,*
*.********.com	United States	,,*

See full domain list