Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ays-pro photo gallery vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-10921
The gallery-photo-gallery plugin prior to 1.0.1 for WordPress has SQL injection.
Ays-pro Photo Gallery
NA
CVE-2023-39917
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions.
Ays-pro Photo Gallery
6.5
CVSSv2
CVE-2021-24462
The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin prior to 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, ...
Ays-pro Photo Gallery
NA
CVE-2023-32107
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions.
Ays-pro Photo Gallery
NA
CVE-2023-2568
The Photo Gallery by Ays WordPress plugin prior to 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Ays-pro Photo Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started