| CVE-2025-14003 | Image Gallery – Photo Grid & Video Gallery <= 2.13.3 - Missing Authorization to Authenticated (Author+) Arbitrary Gallery Modification | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | Medium | 4.3 | 2025-12-15 14:25:10 | Deep Dive |
| CVE-2025-13891 | Image Gallery – Photo Grid & Video Gallery (Modula) <= 2.13.3 - Missing Authorization to Arbitrary Directory Listing | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | Medium | 6.5 | 2025-12-12 07:20:35 | Deep Dive |
| CVE-2025-13646 | Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race Condition | wpchill | Image Gallery – Photo Grid & Video Gallery | High | 7.5 | 2025-12-03 02:25:30 | Deep Dive |
| CVE-2025-13645 | Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Deletion | wpchill | Image Gallery – Photo Grid & Video Gallery | High | 7.2 | 2025-12-03 02:25:29 | Deep Dive |
| CVE-2025-13685 | Photo Gallery by Ays <= 6.4.8 - Cross-Site Request Forgery to Bulk Actions | ays-pro | Photo Gallery by Ays – Responsive Image Gallery | Medium | 4.3 | 2025-12-02 06:40:25 | Deep Dive |
| CVE-2025-12494 | Image Gallery – Photo Grid & Video Gallery <= 2.12.28 - Improper Authorization to Authenticated (Author+) Arbitrary Image File Move | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | Medium | 4.3 | 2025-11-15 05:45:34 | Deep Dive |
| CVE-2025-12377 | Gallery Plugin for WordPress – Envira Photo Gallery <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions | smub | Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More | Medium | 4.3 | 2025-11-13 11:29:03 | Deep Dive |
| CVE-2025-11448 | Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion | smub | Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More | Medium | 4.3 | 2025-11-08 09:28:11 | Deep Dive |
| CVE-2025-49394 | WordPress Image Gallery block – Create and display photo gallery/photo album. plugin <= 1.0.7 - Broken Authentication vulnerability | bPlugins | Image Gallery block – Create and display photo gallery/photo album. | High | 7.1 | 2025-11-06 15:53:53 | Deep Dive |
| CVE-2025-57947 | WordPress Photo Gallery by Ays Plugin <= 6.3.8 - Cross Site Scripting (XSS) Vulnerability | Ays Pro | Photo Gallery by Ays | Medium | 6.5 | 2025-09-22 18:24:54 | Deep Dive |
| CVE-2025-6068 | FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | fooplugins | Gallery by FooGallery | Medium | 6.4 | 2025-07-11 07:23:01 | Deep Dive |
| CVE-2025-2537 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library | wpdevart | YouTube Embed, Playlist and Popup by WpDevArt | Medium | 6.4 | 2025-07-03 12:23:09 | Deep Dive |
| CVE-2024-5647 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library | blossomthemes | BlossomThemes Social Feed | Medium | 6.4 | 2025-07-03 09:22:19 | Deep Dive |
| CVE-2025-6843 | code-projects Simple Photo Gallery upload-photo.php unrestricted upload | code-projects | Simple Photo Gallery | High | 7.3 | 2025-06-29 03:31:06 | Deep Dive |
| CVE-2025-53257 | WordPress Gmedia Photo Gallery plugin <= 1.23.0 - Local File Inclusion Vulnerability | Serhii Pasyuk | Gmedia Photo Gallery | High | 7.5 | 2025-06-27 13:21:06 | Deep Dive |
| CVE-2025-49451 | WordPress Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery plugin <= 1.0.13 - Directory Traversal Vulnerability | yannisraft | Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery | High | 7.5 | 2025-06-17 15:01:42 | Deep Dive |
| CVE-2024-5878 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via SimpleLightbox JavaScript Library | aknieriem | Simplelightbox | Medium | 6.4 | 2025-05-20 07:22:30 | Deep Dive |
| CVE-2024-8670 | Photo Gallery by 10Web < 1.8.29 - Admin+ Stored XSS | Unknown | Photo Gallery by 10Web | - | - | 2025-05-15 20:07:17 | Deep Dive |
| CVE-2024-13384 | Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.24 - Admin+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | - | - | 2025-05-15 20:07:01 | Deep Dive |
| CVE-2024-10144 | Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.22 - Contributor+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | - | - | 2025-05-15 20:06:42 | Deep Dive |