Lucene search
+L

10 matches found

cve
cve
added 2026/07/01 9:32 a.m.13 views

CVE-2026-10095

CVE-2026-10095 affects the WP Photo Album Plus plugin for WordPress. The flaw is a Stored Cross-Site Scripting (XSS) via the subtext parameter in all versions up to and including 9.1.13.005, caused by insufficient input sanitization and output escaping. An authenticated attacker with contributor-...

6.4CVSS5.9AI score0.00241EPSS
Exploits0References11
euvd
euvd
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36950

Unauthenticated SQL Injection in WP Photo Album Plus = 9.1.08.001 versions...

9.3CVSS5.7AI score0.00295EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/18 6:0 a.m.7 views

CVE-2026-6379 WP Photo Album Plus < 9.1.11.001 - Unauthenticated SQL Injection via 'wppa-supersearch' Parameter

The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks...

5.9AI score0.00472EPSS
Exploits1References1
cve
cve
added 2025/10/04 2:24 a.m.25 views

CVE-2025-8726

CVE-2025-8726 affects the WordPress plugin WP Photo Album Plus (versions up to and including 9.0.11.006). The vulnerability is a stored XSS in the wppa_user_upload function, exploitable by authenticated users with Subscriber+ privileges, allowing injection of scripts that run in victims’ browsers...

5.4CVSS5.1AI score0.00196EPSS
Exploits0References3
patchstack
patchstack
added 2025/03/27 12:32 a.m.6 views

WordPress Audio Album plugin <= 1.5.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Audio Album versions = 1.5.0...

6.5CVSS6.2AI score0.00322EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/11/18 10:32 a.m.6 views

WordPress AI Responsive Gallery Album plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin AI Responsive Gallery Album versions = 1.4...

7.1CVSS6.1AI score0.0032EPSS
Exploits0Affected Software1
cvelist
cvelist
added 2024/04/24 7:18 a.m.22 views

CVE-2024-32775 WordPress Embed Google Photos album plugin <= 2.1.9 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Pavex Embed Google Photos album.This issue affects Embed Google Photos album: from n/a through 2.1.9...

4.9CVSS5.4AI score0.00295EPSS
Exploits0References1
cvelist
cvelist
added 2023/10/18 1:31 p.m.33 views

CVE-2023-45630 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Unauth. Stored Cross-Site Scripting XSS vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin = 2.0.3 versions...

6.5CVSS6.1AI score0.00313EPSS
Exploits0References1
cvelist
cvelist
added 2023/10/16 8:31 a.m.32 views

CVE-2023-45629 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin = 2.0.3 versions...

5.4CVSS9AI score0.00184EPSS
Exploits0References1
patchstack
patchstack
added 2023/10/11 12:0 a.m.11 views

WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Broken Access Control

Software Responsive Image Gallery, Gallery Album Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-45631 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7e6e693f7601 Credits thiennv...

6.6AI score0.00306EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder