Lucene search
K

503 matches found

Nuclei
Nuclei
added 9 hours ago10 views

Contest Gallery - Broken Access Control

Contest Gallery from n/a through 23.1.2 contains an exposure of sensitive information to an unauthorized actor caused by insufficient access controls, letting attackers access sensitive data, exploit requires no specific conditions. id: CVE-2024-43283 info: name: Contest Gallery - Broken Access...

7.5CVSS5.8AI score0.01104EPSS
Exploits0References2
NVD
NVD
added 6 days ago8 views

CVE-2026-57662

Contributor SQL Injection in Contest Gallery = 30.0.0 versions...

8.5CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-57662

The CVE-2026-57662 entry concerns the WordPress Contest Gallery plugin (versions up to and including 30.0.0). The connected documents confirm a SQL Injection vulnerability affecting this plugin, tied to Contest Gallery

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-57662

Contributor SQL Injection in Contest Gallery = 30.0.0 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-39667

Contributor SQL Injection in Contest Gallery = 30.0.0 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-57662 WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability

Contributor SQL Injection in Contest Gallery = 30.0.0 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Patchstack
Patchstack
added 6 days ago9 views

WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Contest Gallery versions = 30.0.0...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago11 views

PT-2026-52832

Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 30.0.1 Description A SQL Injection issue exists that allows attackers with contributor-level permissions to execute unauthorized database queries remotely. Recommendations Update to a version newer than 30.0.0...

8.5CVSS5.9AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.9 views

EUVD-2026-37586

The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 30.0.2 via the RegistryUserRole parameter. This is due to the plugin's admin menu being registered at the editposts...

8.8CVSS5.3AI score0.00408EPSS
Exploits0References7
NVD
NVD
added 2026/06/17 1:19 p.m.7 views

CVE-2026-12165

The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 30.0.2 via the RegistryUserRole parameter. This is due to the plugin's admin menu being registered at the editposts...

8.8CVSS0.00408EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/17 9:30 a.m.31 views

CVE-2026-12165 Contest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' Parameter

The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 30.0.2 via the RegistryUserRole parameter. This is due to the plugin's admin menu being registered at the editposts...

8.8CVSS0.00408EPSS
Exploits0References6
CVE
CVE
added 2026/06/17 9:30 a.m.18 views

CVE-2026-12165

CVE-2026-12165 affects the WordPress plugin “Contest Gallery” (versions

8.8CVSS5.2AI score0.00408EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/15 9:30 p.m.7 views

EUVD-2026-36980

Unauthenticated SQL Injection in Contest Gallery = 28.1.6 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.5 views

CVE-2026-42657

Unauthenticated Other Vulnerability Type in Contest Gallery = 28.1.7 versions...

5.3CVSS0.00219EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.6 views

CVE-2026-42656

Subscriber Cross Site Scripting XSS in Contest Gallery = 28.1.6 versions...

6.5CVSS0.00205EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.6 views

CVE-2026-42660

Subscriber Sensitive Data Exposure in Contest Gallery = 28.1.7 versions...

6.5CVSS0.00345EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.5 views

CVE-2026-40771

Unauthenticated SQL Injection in Contest Gallery = 28.1.6 versions...

9.3CVSS0.00283EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:18 p.m.5 views

EUVD-2026-36825

Subscriber Sensitive Data Exposure in Contest Gallery = 28.1.7 versions...

6.5CVSS5.2AI score0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.8 views

CVE-2026-42660

CVE-2026-42660 affects the WordPress Contest Gallery plugin up to version 28.1.7 . The issue is described as a Sensitive Data Exposure impacting subscribers. Documents provide the vulnerability label and affected version but do not include root cause specifics, exploit details, or concrete remedi...

6.5CVSS5.2AI score0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.25 views

CVE-2026-42660 WordPress Contest Gallery plugin <= 28.1.7 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Contest Gallery = 28.1.7 versions...

6.5CVSS0.00345EPSS
Exploits0References1
Rows per page
Query Builder