Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 50 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-25035 WordPress Contest Gallery plugin <= 28.1.2.2 - Account Takeover vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery Critical 9.8 2026-03-25 16:14:39 Deep Dive
CVE-2026-24964 WordPress Contest Gallery plugin <= 28.1.2.1 - Server Side Request Forgery (SSRF) vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery Medium 6.4 2026-03-25 16:14:33 Deep Dive
CVE-2026-4021 Contest Gallery <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe High 8.1 2026-03-23 23:25:50 Deep Dive
CVE-2026-3180 Contest Gallery <= 28.1.4 - Unauthenticated SQL Injection contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe High 7.5 2026-03-02 17:23:36 Deep Dive
CVE-2026-24965 WordPress Contest Gallery plugin <= 28.1.1 - Broken Access Control vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery--2026-02-03 14:08:35 Deep Dive
CVE-2025-12849 Contest Gallery <= 28.0.2 - Missing Authorization contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Medium 5.3 2025-11-15 06:41:31 Deep Dive
CVE-2025-62950 WordPress Contest Gallery plugin <= 28.0.0 - Cross Site Request Forgery (CSRF) vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery Medium 4.3 2025-11-06 15:56:05 Deep Dive
CVE-2025-11254 Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.3 - Unauthenticated CSV Injection contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Medium 4.3 2025-10-11 08:29:16 Deep Dive
CVE-2025-10383 Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.2 - Authenticated (Author+) Stored Cross-Site Scripting contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Medium 6.4 2025-10-04 03:33:32 Deep Dive
CVE-2025-7725 Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI <= 26.1.0 - Unauthenticated Stored Cross-Site Scripting contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe High 7.2 2025-08-01 04:24:29 Deep Dive
CVE-2025-48291 WordPress Contest Gallery <= 26.0.6 - Cross Site Scripting (XSS) Vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery High 7.1 2025-07-16 11:28:02 Deep Dive
CVE-2025-6716 Contest Gallery <= 26.0.8 - Authenticated (Author+) Stored Cross-Site Scripting contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Medium 6.4 2025-07-11 06:43:33 Deep Dive
CVE-2025-3862 Contest Gallery <= 26.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Medium 6.4 2025-05-08 11:13:45 Deep Dive
CVE-2025-1513 Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 26.0.0.1 - Unauthenticated Stored Cross-Site Scripting contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe High 7.2 2025-02-28 05:23:15 Deep Dive
CVE-2025-22693 WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery High 7.6 2025-02-03 14:23:52 Deep Dive
CVE-2024-56237 WordPress Contest Gallery plugin <= 24.0.3 - Cross Site Scripting (XSS) vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery Medium 5.9 2025-01-02 12:01:15 Deep Dive
CVE-2024-11103 Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Critical 9.8 2024-11-28 09:47:09 Deep Dive
CVE-2024-10687 Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 24.0.3 - Unauthenticated SQL Injection contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Critical 9.8 2024-11-05 09:30:59 Deep Dive
CVE-2024-43283 WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery Medium 5.3 2024-08-26 16:07:06 Deep Dive
CVE-2024-39631 WordPress Contest Gallery plugin <= 23.1.2 - Cross Site Scripting (XSS) vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery High 7.1 2024-08-01 22:27:46 Deep Dive