Contest Gallery Security Vulnerabilities and Issues — Contest Gallery CVE List

Lucene search

Contest-galleryContest Gallery

3 matches found

CVE•added 2024/03/28 5:15 a.m.•62 views

CVE-2024-30236

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.4.

9.9CVSS8.9AI score0.00367EPSS

CVE•added 2024/11/28 10:15 a.m.•56 views

CVE-2024-11103

The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attacker...

9.8CVSS9.7AI score0.00206EPSS

CVE•added 2024/11/05 10:15 a.m.•46 views

CVE-2024-10687

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons plugin for WordPress is vulnerable to time-based SQL Injection via the $collectedIds parameter in all versions up to, and including, 24.0.3 due to insufficient esc...

9.8CVSS9.7AI score0.0042EPSS