Customizable Wordpress Gallery Plugin - Modula Image Gallery Security Vulnerabilities and Issues — Customizable Wordpress Gallery Plugin - Modula Image Gallery CVE List

Lucene search

WpchillCustomizable Wordpress Gallery Plugin - Modula Image Gallery

6 matches found

CVE•added 2023/10/16 8:15 p.m.•87 views

CVE-2023-3154

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization due to a lack of input parameter validation in the gallery_edit function, allowing an attacker to access arbitrary resources on the server.

7.5CVSS7.4AI score0.00372EPSS

CVE•added 2023/10/16 8:15 p.m.•72 views

CVE-2023-3279

The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks

4.9CVSS4.9AI score0.00533EPSS

CVE•added 2023/10/16 8:15 p.m.•62 views

CVE-2023-3155

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the gallery_edit function, allowing an attacker to access arbitrary resources on the server.

7.2CVSS7AI score0.0027EPSS

CVE•added 2022/11/18 11:15 p.m.•47 views

CVE-2022-41135

Unauth. Plugin Settings Change vulnerability in Modula plugin

6.5CVSS5.4AI score0.00056EPSS

CVE•added 2025/01/08 10:15 a.m.•42 views

CVE-2024-12853

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 2.11.10. This makes it possible for authenticated attackers, with Author-level access and above, to upload ...

8.8CVSS8.9AI score0.01384EPSS

CVE•added 2025/04/03 1:15 p.m.•33 views

CVE-2024-9416

The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions

6.4CVSS5.9AI score0.00043EPSS