| CVE-2024-37442 | WordPress Photo Gallery by Ays – Responsive Image Gallery plugin < 5.7.1 - HTML Injection vulnerability | Photo Gallery Team | Photo Gallery by Ays | Low | 3.8 | 2024-07-09 10:42:52 | Deep Dive |
| CVE-2024-37542 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability | WpDevArt | Responsive Image Gallery, Gallery Album | Medium | 5.4 | 2024-07-06 12:40:29 | Deep Dive |
| CVE-2024-5260 | Sina Extension for Elementor <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via read_more_text Parameter | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-07-02 08:32:52 | Deep Dive |
| CVE-2024-5424 | Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via galleryID and className Parameters | gallerycreator | Mixed Media Gallery Blocks | Medium | 6.4 | 2024-06-28 08:33:28 | Deep Dive |
| CVE-2024-6262 | Portfolio Gallery – Image Gallery Plugin <= 1.6.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | awordpresslife | Portfolio Filter Gallery | Medium | 6.4 | 2024-06-27 11:03:35 | Deep Dive |
| CVE-2024-35770 | WordPress Vimeography plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) vulnerability | Dave Kiss | Vimeography: Vimeo Video Gallery WordPress Plugin | Medium | 4.3 | 2024-06-21 13:10:24 | Deep Dive |
| CVE-2024-5036 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-06-20 11:06:02 | Deep Dive |
| CVE-2024-3894 | Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.19 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title | robosoft | Robo Gallery – Photo & Image Slider | Medium | 6.4 | 2024-06-19 06:55:46 | Deep Dive |
| CVE-2024-5343 | Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.19 - Cross-Site Request Forgery to Post Creation and Limited Data Loss | robosoft | Robo Gallery – Photo & Image Slider | High | 8.8 | 2024-06-19 05:37:43 | Deep Dive |
| CVE-2024-5724 | Photo Video Gallery Master <= 1.5.3 - Authenticated (Contributor+) PHP Object Injection | webhuntinfotech | Photo Video Gallery Master | High | 8.8 | 2024-06-19 03:12:31 | Deep Dive |
| CVE-2024-5021 | WordPress Picture / Portfolio / Media Gallery <= 3.0.1 - Unauthenticated Server-Side Request Forgery | nimble3 | WordPress Picture / Portfolio / Media Gallery | Critical | 9.3 | 2024-06-19 03:12:29 | Deep Dive |
| CVE-2024-4551 | Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Authenticated (Contributor+) Arbitrary File Inclusion via Shortcode | yotuwp | Video Gallery – YouTube Playlist, Channel Gallery by YotuWP | Medium | 6.4 | 2024-06-15 08:42:18 | Deep Dive |
| CVE-2024-4258 | Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Unauthenticated Local File Inclusion | yotuwp | Video Gallery – YouTube Playlist, Channel Gallery by YotuWP | Critical | 9.8 | 2024-06-15 08:42:16 | Deep Dive |
| CVE-2024-2122 | FooGallery <= 2.4.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Custom URL | fooplugins | Gallery by FooGallery | Medium | 6.4 | 2024-06-14 05:39:16 | Deep Dive |
| CVE-2024-5543 | Slideshow Gallery LITE <= 1.8.1 - Authenticated (Contributor+) SQL Injection | contrid | Slideshow Gallery LITE | High | 8.1 | 2024-06-12 01:55:23 | Deep Dive |
| CVE-2024-23518 | WordPress ACF Photo Gallery Field plugin <= 2.6 - Broken Access Control vulnerability | Navneil Naicker | ACF Photo Gallery Field | Medium | 4.3 | 2024-06-11 17:05:02 | Deep Dive |
| CVE-2024-35628 | WordPress Photo Gallery by 10Web plugin <= 1.8.25 - Broken Access Control vulnerability | Photo Gallery Team | Photo Gallery by 10Web | Medium | 4.3 | 2024-06-11 14:29:56 | Deep Dive |
| CVE-2024-35720 | WordPress Album Gallery – WordPress Gallery plugin <= 1.5.7 - Broken Access Control vulnerability | A WP Life | Album Gallery – WordPress Gallery | Medium | 4.3 | 2024-06-10 07:59:38 | Deep Dive |
| CVE-2024-35721 | WordPress Image Gallery plugin <= 1.4.5 - Broken Access Control vulnerability | A WP Life | Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery | Medium | 4.3 | 2024-06-10 07:57:49 | Deep Dive |
| CVE-2024-35722 | WordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.4.0 - Broken Access Control vulnerability | A WP Life | Slider Responsive Slideshow – Image slider, Gallery slideshow | Medium | 4.3 | 2024-06-10 07:56:46 | Deep Dive |