Photo Gallery Security Vulnerabilities and Issues — Photo Gallery CVE List

Lucene search

Ays-proPhoto Gallery

6 matches found

CVE•added 2019/08/22 1:15 p.m.•40 views

CVE-2016-10921

The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection.

9.8CVSS9.9AI score0.00546EPSS

CVE•added 2023/06/12 6:15 p.m.•39 views

CVE-2023-2568

The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

6.1CVSS6.1AI score0.00121EPSS

CVE•added 2024/07/09 11:15 a.m.•37 views

CVE-2024-37442

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.1.

5.5CVSS5.3AI score0.00141EPSS

CVE•added 2021/08/02 11:15 a.m.•36 views

CVE-2021-24462

The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection is...

8.8CVSS9.1AI score0.00532EPSS

CVE•added 2023/10/03 12:15 p.m.•36 views

CVE-2023-39917

Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions.

8.8CVSS6.5AI score0.00147EPSS

CVE•added 2023/08/18 2:15 p.m.•35 views

CVE-2023-32107

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions.

7.1CVSS6AI score0.00083EPSS