Responsive Lightbox & Gallery Security Vulnerabilities

MaxGalleria < 6.4.3 - Missing Authorization

Description The MaxGalleria plugin for WordPress is vulnerable to unauthorized image upload due to a missing capability check on the add_media_library_images_to_gallery function in all versions up to, and including, 6.4.2. This makes it possible for authenticated attackers, with subscriber access.....

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 219 vulnerabilities disclosed in 209...

CVE-2024-32583

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through...

CVE-2024-32583

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through...

CVE-2024-32583 WordPress Photo Gallery by 10Web plugin <= 1.8.21 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through...

Ungallery <= 2.2.4 - Stored XSS via CSRF

Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...

HT Mega < 2.4.7 - Contributor+ Stored XSS via Lightbox Widget

Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox widget due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject...

CVE-2024-1561

An issue was discovered in gradio-app/gradio, where the /component_server endpoint improperly allows the invocation of any method on a Component class with attacker-controlled arguments. Specifically, by exploiting the move_resource_to_block_cache() method of the Block class, an attacker can copy.....

WP Matterport Shortcode < 2.2.0 - Cross-Site Request Forgery

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown action granted they can trick a site administrator into performing an action such as...

CVE-2024-32433

Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through...

CVE-2024-32433

Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through...

CVE-2024-32433 WordPress BEAF plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through...

CVE-2024-31354

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31354

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31354 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31354 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

Responsive Lightbox < 2.4.7 - Information Disclosure

Description The plugin is vulnerable to unauthorized access due to a missing capability check on the gallery_attributes() function in versions up to, and including, 2.4.6. This makes it possible for authenticated attackers, with contributor-level access and above, to view post content they...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 193 vulnerabilities disclosed in 154...

CVE-2024-32109

Cross-Site Request Forgery (CSRF) vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a through...

CVE-2024-32109

Cross-Site Request Forgery (CSRF) vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a through...

CVE-2024-32109 WordPress WP Matterport Shortcode plugin <= 2.1.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a through...

CVE-2024-32109 WordPress WP Matterport Shortcode plugin <= 2.1.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a through...

CVE-2024-3285

The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on...

CVE-2024-3285

The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on...

CVE-2024-3285

The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on...

Slideshow Gallery < 1.7.9 - Settings Reset via CSRF

Description The plugin does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF...

Slideshow Gallery < 1.7.9 - Contributor+ SQLi

Description The plugin is vulnerable to SQL Injection due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL...

Slideshow Gallery <= 1.8 - Unauthenticated Sensitive Information Exposure

Description The plugin is vulnerable to Sensitive Information Exposure, allowing unauthenticated attackers to extract sensitive user or configuration...

CVE-2024-31355

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31342

Missing Authorization vulnerability in WPcloudgallery WordPress Gallery Exporter.This issue affects WordPress Gallery Exporter: from n/a through...

CVE-2024-31342

Missing Authorization vulnerability in WPcloudgallery WordPress Gallery Exporter.This issue affects WordPress Gallery Exporter: from n/a through...

CVE-2024-31355

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-1728

gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in...

CVE-2024-31355 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31355 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31353

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31353

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-31342 WordPress Gallery Exporter plugin <= 1.3 - Arbitrary File Download vulnerability

Missing Authorization vulnerability in WPcloudgallery WordPress Gallery Exporter.This issue affects WordPress Gallery Exporter: from n/a through...

CVE-2024-31353 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through...

CVE-2024-3235

The Essential Grid Gallery WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.1 via the on_front_ajax_action() function. This makes it possible for unauthenticated attackers to view private and password protected posts...

CVE-2024-3235

The Essential Grid Gallery WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.1 via the on_front_ajax_action() function. This makes it possible for unauthenticated attackers to view private and password protected posts...

CVE-2024-3020

The plugin is vulnerable to PHP Object Injection in versions up to and including, 2.6.3 via deserialization of untrusted input in the import function via the 'shortcode' parameter. This allows authenticated attackers, with administrator-level access to inject a PHP Object. If a POP chain is...

CVE-2024-3235

The Essential Grid Gallery WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.1 via the on_front_ajax_action() function. This makes it possible for unauthenticated attackers to view private and password protected posts...

CVE-2024-3235

The Essential Grid Gallery WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.1 via the on_front_ajax_action() function. This makes it possible for unauthenticated attackers to view private and password protected posts...

All-in-One Video Gallery < 3.6.0 - Missing Authorization

Description The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized access due to a missing capability check in versions up to, and including, 3.5.2. This makes it possible for authenticated attackers, with contributor-level access and above, to perform an unauthorized...

WordPress Gallery Exporter <= 1.3 - Authenticated (Administrator+) Arbitrary File Download

Description The WordPress Gallery Exporter – Export your NextGen, Envira and FooGallery galleries to your computer plugin for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 1.3. This is due to the plugin improperly validating the path to requested file...

Patch Tuesday - April 2024

Microsoft is addressing 149 vulnerabilities this April 2024 Patch Tuesday, which is significantly more than usual. For the second month in a row, Microsoft indicated that they weren't aware of prior public disclosure or exploitation in the wild for any of the vulnerabilities patched today....

Microsoft and Adobe Patch Tuesday, April 2024 Security Update Review

Welcome to another insightful dive into Microsoft's Patch Tuesday! This month's security updates address a vast number of vulnerabilities in multiple popular products, features, and roles. We invite you to join us to review and discuss the details of these security updates and patches. Microsoft...

CVE-2024-3208

The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 1.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-3208

The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 1.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...