CVE-2026-22345

Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...

CVE-2026-22345

Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...

CVE-2026-22345

Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...

CVE-2026-22345 WordPress Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin <= 1.6.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery new-image-gallery allows Object Injection.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through = 1.6...

WordPress plugin Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-21196

Name of the Vulnerable Software and Affected Versions A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery versions through 1.6.0 Description The software contains a flaw related to the deserialization of untrusted data, specifically allowing for object injection...

WordPress Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin <= 1.6.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery versions = 1.6.0...

CVE-2022-0750

The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the thumbnailwidth, thumbnailheight, maximagewidth, and maximageheight parameters found in the /photoswipe-masonry.php file which allows authenticated attackers t...

CVE-2025-67912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Stars Testimonials stars-testimonials-with-slider-and-masonry-grid allows Stored XSS.This issue affects Stars Testimonials: from n/a through = 3.3.4...

EUVD-2025-28573

Malicious code in bioql PyPI...

EUVD-2022-15813

Malicious code in bioql PyPI...

CVE-2025-5488

The WP Masonry & Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wmis' shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-5488 WP Masonry & Infinite Scroll <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP Masonry & Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wmis' shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-5488

CVE-2025-5488 affects the WordPress plugin WP Masonry & Infinite Scroll. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s wmis shortcode, present in all versions up to and including 2.2, caused by insufficient input sanitization and output escaping on user-supplied attribu...

WordPress plugin WP Masonry & Infinite Scroll 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

MAL-2025-5231 Malicious code in masonry-thingies.js (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e70accfc2426ff18c07044dbff04eb2751b242ea1db0e71907cba610a17da65b Any computer that has this package installed or running should be considered...

WordPress Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.15 - Authenticated (Subscriber+) Limited Server-Side Request Forgery vulnerability

Authenticated Subscriber+ Limited Server-Side Request Forgery vulnerability discovered by shaman0x01 in WordPress Plugin Photo Gallery Slideshow & Masonry Tiled Gallery versions = 1.0.15...

WordPress plugin Photo Gallery Slideshow & Masonry Tiled Gallery 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in the...

PT-2025-1788 · WordPress · The Photo Gallery Slideshow & Masonry Tiled Gallery

Name of the Vulnerable Software and Affected Versions: The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress versions up to, and including, 1.0.15 Description: The issue allows authenticated attackers with Subscriber-level access and above to make web requests to arbitrary...

WordPress Portfolio – Filterable Masonry Portfolio Gallery for Professionals plugin <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Portfolio – Filterable Masonry Portfolio Gallery for Professionals versions = 1.2.2...