Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

195 matches found

Nuclei
Nucleiadded yesterday28 views

FooGallery plugin <= 2.2.35 - Cross-Site Scripting

Reflected Cross-Site Scripting XSS vulnerability in FooPlugins FooGallery plugin = 2.2.35 versions. id: CVE-2023-29439 info: name: FooGallery plugin = 2.2.35 - Cross-Site Scripting author: theamanrawat severity: medium description: | Reflected Cross-Site Scripting XSS vulnerability in FooPlugins...

7.1CVSS6.7AI score0.01747EPSS
Exploits1References5
NVD
NVDadded 2026/06/13 7:16 a.m.11 views

CVE-2026-9134

The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customattributekey' shortcode parameter in versions up to, and including, 3.1.31 This is due to an incomplete JavaScript event handler blacklist in the foogallerysanitizejavascript function, which blocks onl...

6.4CVSS0.00203EPSS
Exploits0References5
CVE
CVEadded 2026/06/13 6:47 a.m.22 views

CVE-2026-9134

The FooGallery WordPress plugin is vulnerable to Stored XSS in versions up to 3.1.31 through the custom_attribute_key shortcode parameter. Root cause: incomplete JavaScript event handler blacklist in foogallery_sanitize_javascript() and failure to escape the attribute key in foogallery_build_cont...

6.4CVSS5.6AI score0.00203EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/06/13 6:47 a.m.6 views

CVE-2026-9134 Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel <= 3.1.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'custom_attribute_key' Shortcode Parameter

The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customattributekey' shortcode parameter in versions up to, and including, 3.1.31 This is due to an incomplete JavaScript event handler blacklist in the foogallerysanitizejavascript function, which blocks onl...

6.4CVSS5.5AI score0.00203EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/06/13 12:0 a.m.10 views

PT-2026-49082

Name of the Vulnerable Software and Affected Versions FooGallery versions prior to 3.1.32 Description The FooGallery plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the foogallery sanitize javascript function uses an incomplete blacklist for JavaScript event...

6.4CVSS5.5AI score0.00203EPSS
Exploits0References11
Patchstack
Patchstackadded 2026/06/12 6:3 p.m.5 views

WordPress Photo Gallery by FooGallery : Responsive Image Gallery, Masonry Gallery & Carousel plugin <= 3.1.31 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin FooGallery versions = 3.1.31...

6.4CVSS5.2AI score0.00203EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/05/01 9:31 a.m.6 views

WordPress Gallery by FooGallery plugin <= 2.4.27 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin FooGallery versions = 2.4.27...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2026/02/20 1:27 p.m.2 views

CVE-2026-25363

Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...

4.3CVSS5.5AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/20 1:26 p.m.4 views

CVE-2026-25362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...

5.9CVSS5.5AI score0.00167EPSS
Exploits0References1
NVD
NVDadded 2026/02/19 9:16 a.m.3 views

CVE-2026-25362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...

5.9CVSS0.00167EPSS
Exploits0References1
CVE
CVEadded 2026/02/19 8:26 a.m.5 views

CVE-2026-25363

CVE-2026-25363 affects WordPress FooGallery plugin

4.3CVSS5.4AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/19 8:26 a.m.28 views

CVE-2026-25363 WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...

4.3CVSS0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/19 8:26 a.m.1 views

CVE-2026-25363

Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...

5.5AI score0.00185EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/02/19 8:26 a.m.2 views

CVE-2026-25363 WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through = 3.1.11...

5.3AI score0.00185EPSS
Exploits0References1
CVE
CVEadded 2026/02/19 8:26 a.m.8 views

CVE-2026-25362

CVE-2026-25362 describes a stored XSS in the FooGallery plugin for WordPress (FooGallery

5.9CVSS5.4AI score0.00167EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/19 8:26 a.m.4 views

CVE-2026-25362

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...

5.5AI score0.00167EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/02/19 8:26 a.m.25 views

CVE-2026-25362 WordPress FooGallery plugin <= 3.1.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...

5.9CVSS0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/19 8:26 a.m.3 views

CVE-2026-25362 WordPress FooGallery plugin <= 3.1.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...

5.9CVSS5.5AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/02/19 12:0 a.m.3 views

WordPress plugin FooGallery 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.9CVSS5.7AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/02/19 12:0 a.m.4 views

WordPress plugin FooGallery 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.00185EPSS
Exploits0References1
Rows per page
Query Builder