2 matches found
CVE-2025-32121
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member gallery-for-ultimate-member allows SQL Injection.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through = 1.1.3...
CVE-2025-22672
CVE-2025-22672 is a Server-Side Request Forgery (SSRF) vulnerability affecting WordPress plugin “Video & Photo Gallery for Ultimate Member” (versions up to and including 1.1.2). The issue, confirmed in multiple sources, is due to SSRF in the plugin and is listed as affecting versions from n/a thr...