Lucene search
+L

25 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.6 views

CVE-2024-39640

Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9...

6.5CVSS7AI score0.00424EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/07 6:5 a.m.11 views

CVE-2025-13896

The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.1AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/06 6:30 a.m.6 views

EUVD-2025-201534

The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS4.7AI score0.00201EPSS
Exploits0References6
CVE
CVE
added 2025/12/06 5:49 a.m.21 views

CVE-2025-13896

CVE-2025-13896 : WordPress plugin Social Feed Gallery Portfolio (versions

6.4CVSS4.8AI score0.00201EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/26 7:16 a.m.14 views

CVE-2025-10637

The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...

5.3CVSS6.1AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/26 12:0 a.m.9 views

WordPress plugin Social Feed Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.6AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2025/10/25 7:15 a.m.8 views

CVE-2025-10637

The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...

5.3CVSS0.00277EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/25 6:49 a.m.6 views

CVE-2025-10637 Social Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure

The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...

5.3CVSS5.7AI score0.00277EPSS
Exploits0References4
CVE
CVE
added 2025/10/25 6:49 a.m.38 views

CVE-2025-10637

CVE-2025-10637 concerns the Social Feed Gallery (insta-gallery) WordPress plugin. Multiple connected sources confirm a vulnerability in versions

5.3CVSS5.7AI score0.00277EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/25 6:49 a.m.11 views

CVE-2025-10637 Social Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure

The Social Feed Gallery plugin for WordPress is vulnerable to Information Exposure in versions less than, or equal to, 4.9.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to exfiltrate Instagr...

5.3CVSS0.00277EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/10/25 2:57 a.m.8 views

WordPress Social Feed Gallery plugin <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure vulnerability

Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by 3r1c e in WordPress Plugin WP Social Feed Gallery versions = 4.9.2...

5.3CVSS6.7AI score0.00277EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/25 12:0 a.m.12 views

PT-2025-43718

Name of the Vulnerable Software and Affected Versions Social Feed Gallery plugin for WordPress versions prior to 4.9.3 Description The Social Feed Gallery plugin for WordPress is susceptible to Information Exposure due to inadequate user authorization verification. This allows unauthenticated...

5.3CVSS6.5AI score0.00277EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-38145

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00424EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.20 views

CVE-2024-39640

Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9...

6.5CVSS0.00424EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:17 p.m.29 views

CVE-2024-39640 WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9...

6.5CVSS0.00424EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 2:17 p.m.16 views

CVE-2024-39640 WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9...

6.5CVSS6.9AI score0.00424EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:17 p.m.51 views

CVE-2024-39640

CVE-2024-39640: WordPress WP Social Feed Gallery (insta-gallery)

6.5CVSS6.5AI score0.00424EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.6 views

WordPress plugin WP Social Feed Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.7AI score0.00424EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/01 1:53 p.m.6 views

WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WP Social Feed Gallery versions = 4.3.9...

6.5CVSS7AI score0.00424EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/01 12:0 a.m.17 views

WordPress WP Social Feed Gallery Plugin <= 4.3.9 is vulnerable to Broken Access Control

Software WP Social Feed Gallery Type Plugin Vulnerable versions = 4.3.9 Fixed in 4.4.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-39640 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID dd020799eba7 Credits Rafie Muhammad...

6.5CVSS6.8AI score0.00424EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder