16 matches found
CVE-2026-42680
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
CVE-2026-42680
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
CVE-2026-42680
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
EUVD-2026-33657
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
CVE-2026-42680 WordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...
PT-2026-45433
Name of the Vulnerable Software and Affected Versions Contest Gallery Pro versions prior to 29.0.1 Description Incorrect privilege assignment allows for privilege escalation within the software. Recommendations Update to a version newer than 29.0.1...
CVE-2026-24964
Server-Side Request Forgery SSRF vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.This issue affects Contest Gallery: from n/a through = 28.1.2.1...
PT-2026-27894
Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 28.1.2.3 Description A flaw exists in Contest Gallery that allows for authentication bypass. This allows for authentication abuse by utilizing an alternate path or channel. Recommendations Update Contest Galle...
PT-2026-27860
Name of the Vulnerable Software and Affected Versions Contest Gallery versions through 28.1.2.1 Description A Server-Side Request Forgery SSRF vulnerability exists in Contest Gallery. This allows for Server Side Request Forgery. The vulnerability affects versions through 28.1.2.1. Recommendations...
EUVD-2026-5224
Missing Authorization vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contest Gallery: from n/a through = 28.1.1...
EUVD-2025-38048
Cross-Site Request Forgery CSRF vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery.This issue affects Contest Gallery: from n/a through = 28.0.0...
PT-2025-45327
Cross-Site Request Forgery CSRF vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery.This issue affects Contest Gallery: from n/a through = 28.0.0...
CVE-2025-48291
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through = 26.0.6...
WordPress Contest Gallery plugin <= 26.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin Contest Gallery versions = 26.0.6...
VulnCheck KEV: CVE-2024-39631
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through = 23.1.2...
WordPress Contest Gallery Plugin <= 21.2.8.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Contest Gallery Type Plugin Vulnerable versions = 21.2.8.4 Fixed in 21.2.9 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-24887 Patch priority Low CVSS severity Low 5.4 Developer Wasiliy Strecker PSID bc8832951ec5 Credits Dhabaleshwar D...