Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
10web photo gallery vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-9335
Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin prior to 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users.
10web Photo Gallery
3.5
CVSSv2
CVE-2015-1394
Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin prior to 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_fi...
10web Photo Gallery
3.5
CVSSv2
CVE-2019-14797
The 10Web Photo Gallery plugin prior to 1.5.23 for WordPress has authenticated stored XSS.
10web Photo Gallery
3.5
CVSSv2
CVE-2015-2324
Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin prior to 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors.
10web Photo Gallery
NA
CVE-2024-33586
Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a up to and including 1.8.20.
NA
CVE-2024-32583
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a up to and including 1.8.21.
NA
CVE-2024-2296
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 1.8.21 due to insufficient input sanitization and output escaping. This makes it possible ...
NA
CVE-2024-0221
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated malicious users to rename arbitrary files...
10web Photo Gallery
NA
CVE-2023-6924
The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attac...
10web Photo Gallery
NA
CVE-2021-46889
The 10Web Photo Gallery plugin up to and including 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693.
10web Photo Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »