Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-125096
A vulnerability was found in Fancy Gallery Plugin 1.5.12 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file class.options.php of the component Options Page. The manipulation leads to cross site scripting. The ...
Fancy Gallery Project Fancy Gallery
7.5
CVSSv2
CVE-2015-5599
Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.
Powerplay Gallery Project Powerplay Gallery 3.3
5
CVSSv2
CVE-2015-5682
upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote malicious users to create arbitrary directories via vectors related to the targetDir variable.
Powerplay Gallery Project Powerplay Gallery 3.3
7.5
CVSSv2
CVE-2014-5201
SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote malicious users to execute arbitrary SQL commands via the viewid parameter in a go_view_object action to wp-admin/admin-ajax.php.
Gallery Objects Project Gallery Objects 0.4
1 EDB exploit
6.5
CVSSv2
CVE-2016-10940
The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.
Zm-gallery Project Zm-gallery 1.0
4.3
CVSSv2
CVE-2017-17869
The mgl-instagram-gallery plugin for WordPress has XSS via the single-gallery.php media parameter.
Mgl-instagram-gallery Project Mgl-instagram-gallery -
NA
CVE-2022-4783
The Youtube Channel Gallery WordPress plugin up to and including 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Store...
Youtube Channel Gallery Project Youtube Channel Gallery
NA
CVE-2023-25473
Cross-Site Request Forgery (CSRF) vulnerability in Miro Mannino Flickr Justified Gallery plugin <= 3.5 versions.
Flickr Justified Gallery Project Flickr Justified Gallery
4.3
CVSSv2
CVE-2021-24349
This Gallery from files WordPress plugin up to and including 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Sc...
Gallery From Files Project Gallery From Files
4.3
CVSSv2
CVE-2015-9327
The flickr-justified-gallery plugin prior to 3.4.0 for WordPress has XSS.
Flickr Justified Gallery Project Flickr Justified Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »