| CVE-2025-14003 | Image Gallery – Photo Grid & Video Gallery <= 2.13.3 - Missing Authorization to Authenticated (Author+) Arbitrary Gallery Modification | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | Medium | 4.3 | 2025-12-15 14:25:10 | Deep Dive |
| CVE-2025-14288 | Gallery Blocks with Lightbox <= 3.3.0 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Modification | gallerycreator | Mixed Media Gallery Blocks | Medium | 4.3 | 2025-12-13 04:31:26 | Deep Dive |
| CVE-2025-13891 | Image Gallery – Photo Grid & Video Gallery (Modula) <= 2.13.3 - Missing Authorization to Arbitrary Directory Listing | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | Medium | 6.5 | 2025-12-12 07:20:35 | Deep Dive |
| CVE-2025-13646 | Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race Condition | wpchill | Image Gallery – Photo Grid & Video Gallery | High | 7.5 | 2025-12-03 02:25:30 | Deep Dive |
| CVE-2025-13645 | Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Deletion | wpchill | Image Gallery – Photo Grid & Video Gallery | High | 7.2 | 2025-12-03 02:25:29 | Deep Dive |
| CVE-2025-13685 | Photo Gallery by Ays <= 6.4.8 - Cross-Site Request Forgery to Bulk Actions | ays-pro | Photo Gallery by Ays – Responsive Image Gallery | Medium | 4.3 | 2025-12-02 06:40:25 | Deep Dive |
| CVE-2025-12494 | Image Gallery – Photo Grid & Video Gallery <= 2.12.28 - Improper Authorization to Authenticated (Author+) Arbitrary Image File Move | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | Medium | 4.3 | 2025-11-15 05:45:34 | Deep Dive |
| CVE-2025-49394 | WordPress Image Gallery block – Create and display photo gallery/photo album. plugin <= 1.0.7 - Broken Authentication vulnerability | bPlugins | Image Gallery block – Create and display photo gallery/photo album. | High | 7.1 | 2025-11-06 15:53:53 | Deep Dive |
| CVE-2025-58226 | WordPress 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery Plugin <= 1.16.16 - Sensitive Data Exposure Vulnerability | iberezansky | 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery | Medium | 5.3 | 2025-09-22 18:23:45 | Deep Dive |
| CVE-2025-8400 | Image Gallery <= 1.0.0 - Reflected Cross-Site Scripting | aumsrini | Image Gallery | Medium | 6.1 | 2025-08-02 08:24:48 | Deep Dive |
| CVE-2025-5752 | Vertical scroll image slideshow gallery <= 11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter | gopiplus | Vertical scroll image slideshow gallery | Medium | 6.4 | 2025-07-18 05:24:00 | Deep Dive |
| CVE-2025-6068 | FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | fooplugins | Gallery by FooGallery | Medium | 6.4 | 2025-07-11 07:23:01 | Deep Dive |
| CVE-2025-30979 | WordPress Pixelating image slideshow gallery plugin <= 8.0 - SQL Injection Vulnerability | gopiplus | Pixelating image slideshow gallery | High | 8.5 | 2025-07-04 08:42:24 | Deep Dive |
| CVE-2025-7046 | Portfolio for Elementor & Image Gallery | PowerFolio <= 3.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS | dotrex | PowerFolio – Portfolio & Image Gallery for Elementor | Medium | 6.4 | 2025-07-04 01:44:01 | Deep Dive |
| CVE-2025-2540 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library | nayon46 | Awesome Wp Image Gallery | Medium | 6.4 | 2025-07-03 11:19:50 | Deep Dive |
| CVE-2024-5647 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library | blossomthemes | BlossomThemes Social Feed | Medium | 6.4 | 2025-07-03 09:22:19 | Deep Dive |
| CVE-2025-5289 | 3D FlipBook - Lite Edition <= 1.16.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via style and mode Parameters | iberezansky | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery | Medium | 6.4 | 2025-06-21 11:09:40 | Deep Dive |
| CVE-2025-49451 | WordPress Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery plugin <= 1.0.13 - Directory Traversal Vulnerability | yannisraft | Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery | High | 7.5 | 2025-06-17 15:01:42 | Deep Dive |
| CVE-2025-5337 | Slider, Gallery, and Carousel by MetaSlider <= 3.98.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via aria-label Parameter | metaslider | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | Medium | 6.4 | 2025-06-14 09:23:33 | Deep Dive |
| CVE-2024-13384 | Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.24 - Admin+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | - | - | 2025-05-15 20:07:01 | Deep Dive |