PT-2026-20708

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through = 3.1.11...

EUVD-2025-6297

Malicious code in bioql PyPI...

EUVD-2024-16397

Malicious code in bioql PyPI...

EUVD-2025-5986

Malicious code in bioql PyPI...

EUVD-2025-21116

Malicious code in bioql PyPI...

CVE-2025-6068 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-caption-title & data-caption-description HTML attributes in all versions up to, and including, 2.4.31 due to insufficient input...

CVE-2025-6068 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-caption-title & data-caption-description HTML attributes in all versions up to, and including, 2.4.31 due to insufficient input...

CVE-2024-12119

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the defaultgallerytitlesize parameter in all versions up to, and including, 2.4.29 due to insufficient input sanitization and output escapin...

CVE-2024-12114 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Post/Page Updates

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.29 via the foogalleryattachmentmodalsave AJAX action due to missing validation on a user controll...

CVE-2024-12114 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Post/Page Updates

The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.29 via the foogalleryattachmentmodalsave AJAX action due to missing validation on a user controll...

CVE-2024-12119

CVE-2024-12119 affects FooGallery – Responsive Photo Gallery (WordPress) up to version 2.4.29. It is a stored Cross‑Site Scripting vulnerability caused by insufficient input sanitization and output escaping for the gallery title/album title size parameter. Exploitation requires an authenticated a...

WordPress FooGallery plugin <= 2.4.29 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Andres Roldan in WordPress Plugin FooGallery versions = 2.4.29...

CVE-2025-22624

FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php...

CVE-2025-22624

FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php...

CVE-2025-22624

CVE-2025-22624 affects FooGallery – Responsive Photo Gallery (WordPress plugin) up to version 2.4.29. The issue is a reflected XSS arising from unvalidated untrusted data in myapp/extensions/albums/admin/class-meta-boxes.php. Public references confirm the vulnerability and indicate a patch is ava...

CVE-2025-22624 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 - Reflected cross-site scripting (XSS)

FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php...

WordPress plugin FooGallery security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2023-29439 WordPress FooGallery Plugin <= 2.2.35 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in FooPlugins FooGallery plugin = 2.2.35 versions...