| CVE-2024-10034 | Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery <= 3.2.4.2 - Authenticated (Editor+) Stored Cross-Site Scripting | gallerycreator | Mixed Media Gallery Blocks | Medium | 5.5 | 2024-11-22 05:33:42 | Deep Dive |
| CVE-2024-11601 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:41 | Deep Dive |
| CVE-2024-11104 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.2 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:40 | Deep Dive |
| CVE-2024-9542 | Sky Addons for Elementor <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | Medium | 4.3 | 2024-11-21 11:02:20 | Deep Dive |
| CVE-2024-11409 | Grid View Gallery <= 1.0 - Authenticated (Editor+) PHP Object Injection | priyajain2802 | Grid View Gallery | High | 7.2 | 2024-11-21 02:06:40 | Deep Dive |
| CVE-2024-51914 | WordPress drop in image slideshow gallery plugin <= 12.0 - Cross Site Scripting (XSS) vulnerability | gopiplus | drop in image slideshow gallery | Medium | 6.5 | 2024-11-19 16:31:00 | Deep Dive |
| CVE-2024-52430 | WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability | bublick | Lis Video Gallery | Critical | 9.8 | 2024-11-18 14:27:03 | Deep Dive |
| CVE-2024-10875 | Gallery Manager <= 1.6.58 - Reflected Cross-Site Scripting | dhoppe | Gallery Manager | Medium | 6.1 | 2024-11-16 03:20:48 | Deep Dive |
| CVE-2024-52373 | WordPress Devexhub Gallery plugin <= 2.0.1 - Arbitrary File Upload vulnerability | Team Devexhub | Devexhub Gallery | Critical | 10.0 | 2024-11-14 18:11:27 | Deep Dive |
| CVE-2024-51790 | WordPress HB AUDIO GALLERY plugin <= 3.0 - Arbitrary File Upload vulnerability | HB WEBSOL | HB AUDIO GALLERY | Critical | 10.0 | 2024-11-11 05:55:50 | Deep Dive |
| CVE-2024-51630 | WordPress Responsive Flickr Gallery plugin <= 1.3.1 - CSRF to Stored XSS vulnerability | Lars Schenk | Responsive Flickr Gallery | High | 7.1 | 2024-11-09 13:20:49 | Deep Dive |
| CVE-2024-51570 | WordPress Easy Gallery plugin <= 1.4 - SQL Injection vulnerability | odihost | Easy Gallery | High | 8.5 | 2024-11-09 09:06:21 | Deep Dive |
| CVE-2024-10535 | Video Gallery for WooCommerce <= 1.31 - Missing Authorization to Unauthenticated Limited File Deletion | nitramix | Video Gallery for WooCommerce | Medium | 5.3 | 2024-11-06 06:43:30 | Deep Dive |
| CVE-2024-10687 | Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 24.0.3 - Unauthenticated SQL Injection | contest-gallery | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | Critical | 9.8 | 2024-11-05 09:30:59 | Deep Dive |
| CVE-2024-9878 | Photo Gallery by 10Web <= 1.8.30 - Authenticated (Administrator+) Stored Cross-Site Scripting | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 4.4 | 2024-11-05 09:30:59 | Deep Dive |
| CVE-2024-37095 | WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability | Envira Gallery Team | Envira Photo Gallery | Medium | 4.3 | 2024-11-01 14:18:39 | Deep Dive |
| CVE-2024-39640 | WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability | QuadLayers | WP Social Feed Gallery | Medium | 6.5 | 2024-11-01 14:17:53 | Deep Dive |
| CVE-2024-43925 | WordPress Envira Gallery Lite plugin <= 1.8.14 - Broken Access Control vulnerability | Envira Gallery Team | Envira Photo Gallery | Medium | 4.3 | 2024-11-01 14:17:20 | Deep Dive |
| CVE-2024-49632 | WordPress CWD 3D Image Gallery plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Senthil Vel | CWD 3D Image Gallery | High | 7.1 | 2024-10-29 13:09:25 | Deep Dive |
| CVE-2024-49696 | WordPress Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.21 - Cross Site Scripting (XSS) vulnerability | robosoft | Robo Gallery | Medium | 5.9 | 2024-10-24 12:29:28 | Deep Dive |