EUVD-2025-3298

Malicious code in bioql PyPI...

EUVD-2024-45889

Malicious code in bioql PyPI...

CVE-2025-23629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Subhasis Laha Gallerio gallerio allows Reflected XSS.This issue affects Gallerio: from n/a through = 1.0.1...

CVE-2024-52400

Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through = 1.01...

CVE-2025-23629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Subhasis Laha Gallerio gallerio allows Reflected XSS.This issue affects Gallerio: from n/a through = 1.0.1...

CVE-2025-23629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Subhasis Laha Gallerio gallerio allows Reflected XSS.This issue affects Gallerio: from n/a through = 1.0.1...

CVE-2025-23629 WordPress Gallerio plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Subhasis Laha Gallerio gallerio allows Reflected XSS.This issue affects Gallerio: from n/a through = 1.0.1...

CVE-2025-23629

CVE-2025-23629 is a Reflected Cross‑Site Scripting vulnerability in the WordPress plugin Gallerio . The initial description states an XSS by improper neutralization of input during Web Page Generation, affecting Gallerio versions from n/a up to 1.0.1 . Connected sources corroborate the CVE as a G...

PT-2025-4987 · Subhasis Laha · Gallerio

Name of the Vulnerable Software and Affected Versions: Subhasis Laha Gallerio versions 1.0.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious...

WordPress plugin Gallerio 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

WordPress Gallerio plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Gallerio versions = 1.0.1...

CVE-2024-52400

Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through = 1.01...

CVE-2024-52400

CVE-2024-52400 affects the WordPress Gallerio plugin up to version 1.01. It is an Unrestricted Upload of a File with Dangerous Type vulnerability, allowing an attacker to upload a web shell and potentially execute arbitrary code on the server. Affected versions are listed as n/a through 1.01. The...

CVE-2024-52400 WordPress Gallerio plugin <= 1.01 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through = 1.01...

CVE-2024-52400 WordPress Gallerio plugin <= 1.01 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through 1.01...

WordPress plugin Gallerio 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue exists...

PT-2024-35239 · Subhasis Laha · Gallerio

Name of the Vulnerable Software and Affected Versions: Subhasis Laha Gallerio versions n/a through 1.01 Description: The issue allows an unrestricted upload of a file with a dangerous type, enabling the upload of a web shell to a web server. This can lead to potential security risks...

WordPress Gallerio plugin <= 1.01 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by CTRL - Chance Patchstack Alliance in WordPress Plugin Gallerio versions = 1.01...

WordPress Gallerio Plugin <= 1.01 is vulnerable to Arbitrary File Upload

Software Gallerio Type Plugin Vulnerable versions = 1.01 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-52400 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID b36e242fa444 Credits CTRL Chance Required privilege Subscriber Publish...