Lucene search
K

44 matches found

NVD
NVD
added 2026/06/16 10:16 a.m.9 views

CVE-2026-54190

Unauthenticated Broken Access Control in Envira Photo Gallery = 1.12.5 versions...

6.5CVSS0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.9 views

EUVD-2026-37052

Unauthenticated Broken Access Control in Envira Photo Gallery = 1.12.5 versions...

6.5CVSS5.2AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.29 views

CVE-2026-54190 WordPress Envira Photo Gallery plugin <= 1.12.5 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Envira Photo Gallery = 1.12.5 versions...

6.5CVSS0.00196EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.19 views

CVE-2026-54190

CVE-2026-54190 : Unauthenticated Broken Access Control affects the WordPress plugin Envira Photo Gallery versions up to and including 1.12.5 . The available sources describe an unauthenticated access control flaw in this plugin, with the vulnerability present in the affected release range. The co...

6.5CVSS5.1AI score0.00196EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/13 12:11 a.m.10 views

WordPress Gallery Plugin for WordPress – Envira Photo Gallery plugin <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions vulnerability

Missing Authorization to Authenticated Author+ Multiple Gallery Actions vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Envira Photo Gallery versions = 1.12.0...

4.3CVSS6.8AI score0.00311EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.7 views

WordPress plugin Gallery Plugin for WordPress – Envira Photo Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin...

4.3CVSS6.2AI score0.00311EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/11/10 2:1 a.m.6 views

WordPress Envira Photo Gallery plugin <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion vulnerability

Missing Authorization to Authenticated Contributor+ Gallery Conversion vulnerability discovered by Lucas Montes Nirox in WordPress Plugin Envira Photo Gallery versions = 1.11.0...

4.3CVSS6.7AI score0.00178EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/11/08 12:0 a.m.5 views

WordPress plugin Envira Photo Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.3CVSS6.3AI score0.00178EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/08 12:0 a.m.11 views

PT-2025-45560

Name of the Vulnerable Software and Affected Versions Envira Photo Gallery versions up to and including 1.11.0 Description The Envira Photo Gallery plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check on the /envira-convert/v1/bulk-conve...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-30155

Malware in sbrugna...

5.4CVSS5.5AI score0.00778EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58955

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00406EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-40575

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.6 views

CVE-2024-37095

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3...

4.3CVSS6.9AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:5 a.m.12 views

CVE-2023-6742

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'enviragalleryinsertimages' function in all versions up to, and including, 1.8.7.1. This makes it possible for authenticated...

4.3CVSS6.4AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:43 p.m.9 views

CVE-2020-9334

A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress. Successful exploitation of this vulnerability would allow a authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...

5.4CVSS5.8AI score0.00778EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.10 views

CVE-2024-43925

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.14...

8.8CVSS0.00485EPSS
Exploits0References1
OSV
OSV
added 2024/11/01 3:15 p.m.1 views

CVE-2024-43925

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.14...

8.8CVSS5.8AI score0.00485EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:18 p.m.30 views

CVE-2024-37095 WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3...

4.3CVSS0.00352EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:18 p.m.43 views

CVE-2024-37095

CVE-2024-37095 concerns the WordPress plugin Envira Gallery Lite/Envira Photo Gallery. Public data show a Missing Authorization vulnerability affecting Envira Gallery versions up to 1.8.7.3, described as a CSRF-related issue that can lead to a notice-dismissal scenario due to incorrectly configur...

4.3CVSS4.6AI score0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 2:18 p.m.9 views

CVE-2024-37095 WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3...

4.3CVSS4.6AI score0.00352EPSS
Exploits0References1
Rows per page
Query Builder