44 matches found
CVE-2026-54190
Unauthenticated Broken Access Control in Envira Photo Gallery = 1.12.5 versions...
EUVD-2026-37052
Unauthenticated Broken Access Control in Envira Photo Gallery = 1.12.5 versions...
CVE-2026-54190 WordPress Envira Photo Gallery plugin <= 1.12.5 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Envira Photo Gallery = 1.12.5 versions...
CVE-2026-54190
CVE-2026-54190 : Unauthenticated Broken Access Control affects the WordPress plugin Envira Photo Gallery versions up to and including 1.12.5 . The available sources describe an unauthenticated access control flaw in this plugin, with the vulnerability present in the affected release range. The co...
WordPress Gallery Plugin for WordPress – Envira Photo Gallery plugin <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions vulnerability
Missing Authorization to Authenticated Author+ Multiple Gallery Actions vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Envira Photo Gallery versions = 1.12.0...
WordPress plugin Gallery Plugin for WordPress – Envira Photo Gallery 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin...
WordPress Envira Photo Gallery plugin <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion vulnerability
Missing Authorization to Authenticated Contributor+ Gallery Conversion vulnerability discovered by Lucas Montes Nirox in WordPress Plugin Envira Photo Gallery versions = 1.11.0...
WordPress plugin Envira Photo Gallery 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-45560
Name of the Vulnerable Software and Affected Versions Envira Photo Gallery versions up to and including 1.11.0 Description The Envira Photo Gallery plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check on the /envira-convert/v1/bulk-conve...
EUVD-2020-30155
Malware in sbrugna...
EUVD-2023-58955
Malicious code in bioql PyPI...
EUVD-2024-40575
Malicious code in bioql PyPI...
CVE-2024-37095
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3...
CVE-2023-6742
The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'enviragalleryinsertimages' function in all versions up to, and including, 1.8.7.1. This makes it possible for authenticated...
CVE-2020-9334
A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress. Successful exploitation of this vulnerability would allow a authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...
CVE-2024-43925
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.14...
CVE-2024-43925
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.14...
CVE-2024-37095 WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3...
CVE-2024-37095
CVE-2024-37095 concerns the WordPress plugin Envira Gallery Lite/Envira Photo Gallery. Public data show a Missing Authorization vulnerability affecting Envira Gallery versions up to 1.8.7.3, described as a CSRF-related issue that can lead to a notice-dismissal scenario due to incorrectly configur...
CVE-2024-37095 WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3...