Lucene search
K

102 matches found

Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.17 views

PT-2026-47144

Name of the Vulnerable Software and Affected Versions The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress versions prior to 1.8.42 Description Insufficient escaping of user-supplied parameters and lack of proper preparation of SQL queries allow authenticated attackers...

6.5CVSS5.6AI score0.00325EPSS
Exploits0References16
NVD
NVD
added 2026/05/28 9:16 a.m.21 views

CVE-2026-7048

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 1.8.40 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

6.5CVSS0.00504EPSS
Exploits0References10
EUVD
EUVD
added 2026/05/28 7:43 a.m.24 views

EUVD-2026-32744

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 1.8.40 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

6.5CVSS5.9AI score0.00504EPSS
Exploits0References10
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.7 views

VulnCheck KEV: CVE-2022-1281

The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $POST'filtertag' parameter, which is appended to an SQL query, making SQL Injection attacks possible...

9.8CVSS7.4AI score0.23459EPSS
In wildExploits2References2
RedhatCVE
RedhatCVE
added 2026/02/20 7:22 a.m.12 views

CVE-2025-12081

The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the "acfphotogalleryeditsave" function in all versions up to, and including, 3.0. This makes it possible for authenticated attackers, with subscriber level acce...

4.3CVSS5.7AI score0.00267EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:15 p.m.4 views

CVE-2025-53240

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in adamlabs WordPress Photo Gallery photo-gallery-portfolio allows Reflected XSS.This issue affects WordPress Photo Gallery: from n/a through = 1.1.0...

7.1CVSS0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

WordPress plugin “Photo Gallery” by 10Web – Mobile-Friendly Image Gallery security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/21 11:23 p.m.6 views

CVE-2026-1036

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deletecomment function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to...

5.3CVSS5.5AI score0.00219EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:12 a.m.7 views

CVE-2016-10921

The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection...

9.8CVSS7.8AI score0.01815EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.16 views

CVE-2022-0169

The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwgtagidbwgthumbnails0 parameter before using it in a SQL statement via the bwgfrontenddata AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL injection...

9.8CVSS7.1AI score0.74615EPSS
Exploits4References1
Cvelist
Cvelist
added 2026/01/06 4:28 p.m.30 views

CVE-2025-69084 WordPress Photo Gallery plugin <= 2.7.7.26 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gt3themes Photo Gallery gt3-photo-video-gallery allows Reflected XSS.This issue affects Photo Gallery: from n/a through = 2.7.7.26...

7.1CVSS0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-1531

Malware in sbrugna...

5.4CVSS5.5AI score0.02331EPSS
Exploits4References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-1530

Malware in sbrugna...

6.5CVSS6.2AI score0.01655EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2015-1198

Malware in sbrugna...

7.5CVSS6.3AI score0.02131EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11224

Malware in sbrugna...

4.8CVSS5AI score0.01131EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-2417

Malware in sbrugna...

5.4CVSS5.5AI score0.00873EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2023-33892

Malicious code in bioql PyPI...

6.1CVSS7AI score0.00433EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-32600

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00333EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-4544

Malicious code in bioql PyPI...

6.4CVSS7.3AI score0.00229EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-15220

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.0032EPSS
Exploits1References3
Rows per page
Query Builder