4 matches found
EUVD-2025-197684
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajaximportfile function in all versions up to, and including, 2.12.28. This makes it possible for authenticated attackers, with author-level...
CVE-2025-12494
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajaximportfile function in all versions up to, and including, 2.12.28. This makes it possible for authenticated attackers, with author-level...
WordPress plugin Image Gallery – Photo Grid & Video Gallery 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. An authorization issue...
WordPress Image Gallery – Photo Grid & Video Gallery plugin <= 2.12.28 - Improper Authorization to Authenticated (Author+) Arbitrary Image File Move vulnerability
Improper Authorization to Authenticated Author+ Arbitrary Image File Move vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Modula Image Gallery versions = 2.12.28...