Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-24349
This Gallery from files WordPress plugin up to and including 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Sc...
Gallery From Files Project Gallery From Files
6.1
CVSSv3
CVE-2014-4553
Cross-site Scripting (XSS) in the spreadshirt-rss-3d-cube-flash-gallery plugin 2014 for WordPress allows remote malicious users to execute arbitrary web script or HTML via unspecified parameters.
Spreadshirt-rss-3d-cube-flash-gallery Project Spreadshirt-rss-3d-cube-flash-gallery 2014
6.1
CVSSv3
CVE-2013-7482
The reflex-gallery plugin prior to 1.4.3 for WordPress has XSS.
Reflex Gallery Project Reflex Gallery
6.1
CVSSv3
CVE-2015-9327
The flickr-justified-gallery plugin prior to 3.4.0 for WordPress has XSS.
Flickr Justified Gallery Project Flickr Justified Gallery
6.1
CVSSv3
CVE-2017-17869
The mgl-instagram-gallery plugin for WordPress has XSS via the single-gallery.php media parameter.
Mgl-instagram-gallery Project Mgl-instagram-gallery -
6.1
CVSSv3
CVE-2016-1000153
Reflected XSS in wordpress plugin tidio-gallery v1.1
Tidio-gallery Project Tidio-gallery
5.4
CVSSv3
CVE-2023-23676
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bruno "Aesqe" Babic File Gallery plugin <= 1.8.5.3 versions.
File Gallery Project File Gallery
5.4
CVSSv3
CVE-2023-23157
A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname parameter on the enquiry page.
Phpgurukul Art Gallery Management System 1.0
5.4
CVSSv3
CVE-2023-23158
A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter on the enquiry page.
Phpgurukul Art Gallery Management System 1.0
5.4
CVSSv3
CVE-2023-0060
The Responsive Gallery Grid WordPress plugin prior to 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-S...
Responsive Gallery Grid Project Responsive Gallery Grid
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »