| CVE-2025-62910 | WordPress Video Gallery by Huzzaz plugin <= 10.5 - Cross Site Scripting (XSS) vulnerability | deshine | Video Gallery by Huzzaz | Medium | 6.5 | 2025-10-27 01:33:54 | Deep Dive |
| CVE-2025-48349 | WordPress Video Gallery – Vimeo and YouTube Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability | origincode | Video Gallery – Vimeo and YouTube Gallery | Medium | 6.5 | 2025-08-28 12:37:03 | Deep Dive |
| CVE-2025-27326 | WordPress Video Gallery Block plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability | bPlugins | Video Gallery Block | Medium | 6.5 | 2025-07-04 08:42:09 | Deep Dive |
| CVE-2025-5337 | Slider, Gallery, and Carousel by MetaSlider <= 3.98.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via aria-label Parameter | metaslider | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | Medium | 6.4 | 2025-06-14 09:23:33 | Deep Dive |
| CVE-2025-32121 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.3 - SQL Injection vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | High | 7.6 | 2025-04-04 15:58:22 | Deep Dive |
| CVE-2025-31566 | WordPress Rio Video Gallery plugin <= 2.3.6 - CSRF to Stored XSS vulnerability | riosisgroup | Rio Video Gallery | High | 7.1 | 2025-03-31 12:55:19 | Deep Dive |
| CVE-2025-22566 | WordPress ULTIMATE VIDEO GALLERY Plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability | extendyourweb | ULTIMATE VIDEO GALLERY | High | 7.1 | 2025-03-28 15:12:26 | Deep Dive |
| CVE-2025-22672 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | Medium | 4.9 | 2025-03-27 14:11:50 | Deep Dive |
| CVE-2024-12403 | Image Gallery – Responsive Photo Gallery <= 1.0.5 - Reflected Cross-Site Scripting | realwebcare | Awesome Responsive Photo Gallery – Image & Video Lightbox Gallery | Medium | 6.1 | 2025-01-15 09:25:55 | Deep Dive |
| CVE-2024-54370 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.0 - Arbitrary File Upload vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | Critical | 9.9 | 2024-12-16 14:31:32 | Deep Dive |
| CVE-2023-25988 | WordPress Video Gallery – YouTube Gallery plugin <= 1.7.6 - Broken Access Control vulnerability | totalsoft | Video Gallery – YouTube Gallery | High | 7.5 | 2024-12-13 14:23:19 | Deep Dive |
| CVE-2024-12162 | Video & Photo Gallery for Ultimate Member <= 1.1.1 - Reflected Cross-Site Scripting | suiteplugins | Video & Photo Gallery for Ultimate Member | Medium | 6.1 | 2024-12-12 04:23:14 | Deep Dive |
| CVE-2024-10247 | YouTube Gallery and Vimeo Gallery Plugin <= 2.4.2 - Authenticated (Administrator+) SQL Injection | totalsoft | Video Gallery – YouTube Gallery, Vimeo, Video Portfolio, Image Portfolio and Image Gallery | High | 7.2 | 2024-12-06 03:25:39 | Deep Dive |
| CVE-2024-9769 | Video Gallery <= 2.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting | totalsoft | Video Gallery – YouTube Gallery, Vimeo, Video Portfolio, Image Portfolio and Image Gallery | Medium | 4.4 | 2024-12-06 03:25:39 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2024-10034 | Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery <= 3.2.4.2 - Authenticated (Editor+) Stored Cross-Site Scripting | gallerycreator | Mixed Media Gallery Blocks | Medium | 5.5 | 2024-11-22 05:33:42 | Deep Dive |
| CVE-2024-11601 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:41 | Deep Dive |
| CVE-2024-11104 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.2 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:40 | Deep Dive |
| CVE-2024-9542 | Sky Addons for Elementor <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | Medium | 4.3 | 2024-11-21 11:02:20 | Deep Dive |
| CVE-2024-52430 | WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability | bublick | Lis Video Gallery | Critical | 9.8 | 2024-11-18 14:27:03 | Deep Dive |