Envira Gallery@* Security Vulnerabilities and Issues — Envira Gallery@* CVE List

Lucene search

EnviragalleryEnvira Gallery*

3 matches found

CVE•added 2024/01/11 9:15 a.m.•65 views

CVE-2023-6742

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'envira_gallery_insert_images' function in all versions up to, and including, 1.8.7.1. This makes it possible for authenticated ...

4.3CVSS4.6AI score0.00159EPSS

CVE•added 2024/09/11 6:15 a.m.•37 views

CVE-2024-3899

The Gallery Plugin for WordPress WordPress plugin before 1.8.15 does not sanitise and escape some of its image settings, which could allow users with post-writing privilege such as Author to perform Cross-Site Scripting attacks.

4.8CVSS5.3AI score0.00072EPSS

CVE•added 2024/11/01 3:15 p.m.•34 views

CVE-2024-43925

Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.14.

8.8CVSS5.7AI score0.00177EPSS