PT-2026-25178

CVE-2026-32330 Cross-Site Request Forgery CSRF vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Cross Site Request Forgery.This issue affects Photo Gallery by 10… https://t.co/rDg6UMog3V...

CVE-2019-16118

Cross site scripting XSS in the photo-gallery 10Web Photo Gallery plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php...

CVE-2019-16119

SQL injection in the photo-gallery 10Web Photo Gallery plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php albumid parameter...

CVE-2019-16117

Cross site scripting XSS in the photo-gallery 10Web Photo Gallery plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php...

EUVD-2019-6959

Malware in sbrugna...

EUVD-2020-30156

Malware in sbrugna...

EUVD-2019-5539

Malware in sbrugna...

EUVD-2019-5930

Malware in sbrugna...

EUVD-2021-11053

Malware in sbrugna...

EUVD-2019-5929

Malware in sbrugna...

EUVD-2019-6958

Malware in sbrugna...

EUVD-2021-33539

Malicious code in bioql PyPI...

EUVD-2024-16020

Malicious code in bioql PyPI...

EUVD-2024-40825

Malicious code in bioql PyPI...

CVE-2024-44043

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through = 1.8.27...

CVE-2022-4058

The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control...

CVE-2021-31693

The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows XSS via albumgalleryid0, bwgalbumsearch0, and type0 for bwgfrontenddata. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-46889. NOTE: VMware information, previously connected to this CVE ID becau...

CVE-2021-46889

The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via themeid for bwgfrontenddata. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693...

CVE-2020-9335

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users...

CVE-2019-14313

A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php...