6 matches found
CVE-2026-4766 Easy Image Gallery <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Shortcode Post Meta
The Easy Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery shortcode post meta field in all versions up to, and including, 1.5.3. This is due to insufficient input sanitization and output escaping on user-supplied gallery shortcode values. This makes ...
CVE-2024-8431
The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajaxGetGalleryJson function in all versions up to, and including, 3.2.21. This makes it possible for authenticated attackers, with...
PT-2025-5521 · Unknown · The Photo Gallery – Gt3 Image Gallery & Gutenberg Block Gallery
Name of the Vulnerable Software and Affected Versions: Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery versions through 2.7.7.24 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for...
CVE-2025-0721
A vulnerability classified as problematic has been found in needyamin imagegallery 1.0. This affects the function imagegallery of the file /view.php. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-22317 WordPress Gallery Images Ape plugin <= 2.2.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gallery Ape Photo Gallery – Image Gallery by Ape gallery-images-ape allows Reflected XSS.This issue affects Photo Gallery – Image Gallery by Ape: from n/a through = 2.2.8...
CVE-2021-24362
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded SVG files added to a gallery do not contain malicious content. As a result, users allowed to add images to gallery can upload an SVG file containing JavaScript code, which will b...