4 matches found
CVE-2023-45069
CVE-2023-45069 affects Video Gallery – Best WordPress YouTube Gallery Plugin. It is an SQL Injection vulnerability caused by improper neutralization of input elements in the plugin’s SQL command path. Affected versions are reported from n/a through 2.1.3 (per NVD/Red Hat entries). The CVE has a h...
CVE-2024-9769
CVE-2024-9769 corresponds to the WordPress Video Gallery – YouTube Gallery plugin vulnerability: stored cross-site scripting via admin settings in all versions up to 2.4.1. Exploitation requires authenticated access with administrator-level permissions (and above) and is restricted to multisite i...
CVE-2024-10247
CVE-2024-10247 affects the WordPress plugin Video Gallery – YouTube Gallery and Vimeo Gallery up to version 2.4.2. The issue is a time-based SQL Injection caused by insufficient escaping of the user-supplied parameter in the orderby clause, allowing an authenticated attacker with Administrator-le...
CVE-2023-25979
CVE-2023-25979: WordPress Video Gallery (Video Gallery by Total-Soft)