Lucene search
K

762 matches found

Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.24 views

PT-2026-46858

Summary AVideo stores category descriptions from user input and later renders category description as raw HTML in the Gallery view. A user who can create or edit categories can store JavaScript in a category description, which executes when another user views the affected Gallery/category page...

5.4CVSS5.9AI score0.00162EPSS
Exploits1References4
NVD
NVD
added 2026/05/28 9:16 a.m.25 views

CVE-2026-7048

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 1.8.40 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

6.5CVSS0.00504EPSS
Exploits0References10
EUVD
EUVD
added 2026/05/28 7:43 a.m.58 views

EUVD-2026-32744

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 1.8.40 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

6.5CVSS5.9AI score0.00504EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:31 a.m.9 views

CVE-2026-8867

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as...

6AI score0.00198EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/05/20 12:12 p.m.11 views

WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin Image Photo Gallery Final Tiles Grid versions = 3.6.11...

4.3CVSS5.8AI score0.00206EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/05/19 11:18 a.m.29 views

CVE-2026-8912

CVE-2026-8912 affects the Contest Gallery plugin for WordPress up to version 28.1.6. It is an unauthenticated SQL Injection via the form_input parameter in the post_cg_gallery_form_upload AJAX action (cb branch of users-upload-check.php), where $f_input_id is concatenated unquoted into a SQL quer...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/19 11:18 a.m.46 views

CVE-2026-8912 Contest Gallery <= 28.1.6 - Unauthenticated SQL Injection

The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'forminput' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query inside the unauthenticat...

7.5CVSS0.00391EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.14 views

PT-2026-41885

Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 28.1.7 Description The Contest Gallery plugin for WordPress contains a SQL Injection flaw. This occurs because the unauthenticated 'post cg gallery form upload' AJAX action fails to properly escape the form...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/05/10 12:43 p.m.14 views

CVE-2021-47929 WordPress Plugin Filterable Portfolio Gallery 1.0 Stored XSS

Filterable Portfolio Gallery 1.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by entering payloads in the title field. Attackers can store JavaScript code like image tags with onerror handlers that execute when the gallery...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.8 views

VulnCheck KEV: CVE-2022-1281

The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $POST'filtertag' parameter, which is appended to an SQL query, making SQL Injection attacks possible...

9.8CVSS7.4AI score0.23459EPSS
In wildExploits2References2
NVD
NVD
added 2026/04/24 6:16 a.m.8 views

CVE-2026-5347

The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admininit hook that handles the permalink settings update at line 205-209 of wp-books-gallery.php...

5.3CVSS0.00323EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/22 7:45 a.m.5 views

CVE-2026-4085 Easy Social Photos Gallery <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wrapper_class' Shortcode Attribute

The Easy Social Photos Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapperclass' shortcode attribute of the 'my-instagram-feed' shortcode in all versions up to, and including, 3.1.2. This is due to insufficient input sanitization and output escaping on user...

6.4CVSS5.9AI score0.00288EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.4 views

CVE-2026-39510

Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through = 3.6.11...

5.9AI score0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31288

Name of the Vulnerable Software and Affected Versions Robo Gallery versions through 5.1.3 Description The Robo Gallery plugin for WordPress is susceptible to Stored Cross-Site Scripting via the 'Loading Label' setting. The plugin utilizes a custom |...| marker pattern within its fixJsFunction...

6.4CVSS5.9AI score0.00429EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.4 views

CVE-2026-4021

The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1.5. This is due to the email confirmation handler in users-registry-check-after-email-or-pin-confirmation.php using the user's email strin...

8.1CVSS5.8AI score0.00436EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/25 5:45 p.m.4 views

Arbitrary File Upload

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Arbitrary File Upload in the saveFile function. An authenticated user with manage permissions on a video can execute arbitrary code on the server by uploading a...

8.8CVSS6.2AI score0.00639EPSS
Exploits1References2
CVE
CVE
added 2026/03/25 4:14 p.m.9 views

CVE-2026-25035

CVE-2026-25035 affects the WordPress Contest Gallery plugin, versions prior to 28.1.2.3 (i.e., &lt;= 28.1.2.2). The issue is described as an authentication bypass that enables authentication abuse via an alternate path or channel. Red Hat and ENISA entries reiterate the same impact for Contest Ga...

9.8CVSS5.8AI score0.00416EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/24 6:28 p.m.7 views

WordPress Contest Gallery plugin <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion vulnerability

Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin Contest Gallery versions = 28.1.5...

8.1CVSS5.8AI score0.00436EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/23 11:25 p.m.3 views

CVE-2026-4021

The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1.5. This is due to the email confirmation handler in users-registry-check-after-email-or-pin-confirmation.php using the user's email strin...

8.1CVSS5.7AI score0.00436EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/23 11:25 p.m.28 views

CVE-2026-4021 Contest Gallery <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion

The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1.5. This is due to the email confirmation handler in users-registry-check-after-email-or-pin-confirmation.php using the user's email strin...

8.1CVSS0.00436EPSS
Exploits0References6
Rows per page
Query Builder