123 matches found
CVE-2025-13645
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary...
CVE-2025-13645
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary...
EUVD-2025-200723
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files...
CVE-2025-13646 Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race Condition
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files...
CVE-2025-13646 Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race Condition
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files...
CVE-2025-13646
Summary: CVE-2025-13646 affects the Modula Image Gallery plugin for WordPress (versions 2.13.1–2.13.2). The root cause is missing file type validation in the ajax_unzip_file function, enabling authenticated attackers with Author-level access or higher to upload arbitrary files via a race conditio...
CVE-2025-13645 Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Deletion
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary...
CVE-2025-13645
The CVE-2025-13645 entry concerns the Modula Image Gallery WordPress plugin. Affected versions 2.13.1–2.13.2 are vulnerable to arbitrary file deletion due to insufficient file path validation in the ajax_unzip_file function. Authenticated attackers with Author-level access or higher can delete ar...
EUVD-2025-200725
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary...
CVE-2025-13645 Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Deletion
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajaxunzipfile' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary...
WordPress plugin Modula Image Gallery 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
PT-2025-48789
Name of the Vulnerable Software and Affected Versions Modula Image Gallery plugin for WordPress versions 2.13.1 through 2.13.2 Description The Modula Image Gallery plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the ajax unzip file...
WordPress plugin Modula Image Gallery 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A path traversal...
PT-2025-48790
Name of the Vulnerable Software and Affected Versions Modula Image Gallery plugin for WordPress versions 2.13.1 through 2.13.2 Description The Modula Image Gallery plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation. This issue is present in the...
WordPress Modula Image Gallery plugin <= 2.13.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin Modula Image Gallery versions = 2.13.6...
WordPress Image Gallery – Photo Grid & Video Gallery plugin <= 2.12.28 - Improper Authorization to Authenticated (Author+) Arbitrary Image File Move vulnerability
Improper Authorization to Authenticated Author+ Arbitrary Image File Move vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Modula Image Gallery versions = 2.12.28...
EUVD-2020-29834
Malware in sbrugna...
EUVD-2022-44377
Malicious code in bioql PyPI...
EUVD-2024-51154
Malicious code in bioql PyPI...
EUVD-2024-54361
Malicious code in bioql PyPI...