| CVE-2024-32778 | WordPress Contest Gallery plugin <= 21.3.4 - Arbitrary File Deletion vulnerability | Wasiliy Strecker / ContestGallery developer | Contest Gallery | High | 7.7 | 2024-06-09 13:08:35 | Deep Dive |
| CVE-2024-31248 | WordPress All-in-One Video Gallery plugin <= 3.5.2 - Broken Access Control vulnerability | Team Plugins360 | All-in-One Video Gallery | Medium | 4.3 | 2024-06-09 11:10:30 | Deep Dive |
| CVE-2024-35750 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability | wpdevart | Responsive Image Gallery, Gallery Album | High | 8.5 | 2024-06-08 12:37:31 | Deep Dive |
| CVE-2024-5481 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 6.8 | 2024-06-07 09:33:36 | Deep Dive |
| CVE-2024-5426 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Zipped SVG | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 6.4 | 2024-06-07 09:33:35 | Deep Dive |
| CVE-2024-4194 | Album and Image Gallery plus Lightbox <= 2.0 - Unauthenticated Arbitrary Shortcode Execution | essentialplugin | Album and Image Gallery Plus Lightbox | Medium | 6.5 | 2024-06-06 02:02:57 | Deep Dive |
| CVE-2024-34759 | WordPress Picture Gallery plugin <= 1.5.11 - Cross Site Scripting (XSS) vulnerability | VideoWhisper | Picture Gallery | Medium | 6.5 | 2024-06-04 18:49:15 | Deep Dive |
| CVE-2024-3268 | YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress <= 3.3.6 - Missing Authorization to Arbitrary Post/Page Creation | emarket-design | Video Gallery – YouTube Gallery & Responsive Video Playlist | Medium | 5.3 | 2024-05-21 11:33:17 | Deep Dive |
| CVE-2023-33310 | WordPress Unite Gallery Lite plugin <= 1.7.59 - Local File Inclusion vulnerability | Valiano | Unite Gallery Lite | Medium | 6.0 | 2024-05-17 06:45:24 | Deep Dive |
| CVE-2024-2744 | Nextgen Gallery < 3.59.1 - Admin+ Stored XSS | Unknown | NextGEN Gallery | 中危 | - | 2024-05-17 06:00:02 | Deep Dive |
| CVE-2024-4946 | SourceCodester Online Art Gallery Management System adminHome.php unrestricted upload | SourceCodester | Online Art Gallery Management System | Medium | 6.3 | 2024-05-16 05:31:04 | Deep Dive |
| CVE-2024-4670 | All-in-One Video Gallery <= 3.6.5 - Authenticated (Contributor+) Local File Inclusion via aiovg_search_form Shortcode | plugins360 | All-in-One Video Gallery | High | 8.8 | 2024-05-15 12:46:20 | Deep Dive |
| CVE-2024-4373 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.3 - Authenticated (Contributor+) Stored Cross-site Scriping via 'Sina Particle Layer' | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-05-15 01:56:56 | Deep Dive |
| CVE-2024-4363 | Visual Portfolio, Photo Gallery & Post Grid <= 3.3.2 - Authenticated (Author+) Stored Cross-Site Scripting via title_tag Parameter | nko | Visual Portfolio, Photo Gallery & Post Grid | Medium | 6.4 | 2024-05-14 23:31:45 | Deep Dive |
| CVE-2024-4333 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.3 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-05-14 12:50:02 | Deep Dive |
| CVE-2024-4386 | Gallery Block (Meow Gallery) <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | tigroumeow | Meow Gallery | Medium | 6.4 | 2024-05-09 20:03:24 | Deep Dive |
| CVE-2024-34424 | WordPress Featured Content Gallery plugin <= 3.2.0 - Cross Site Scripting (XSS) vulnerability | iePlexus | Featured Content Gallery | Medium | 5.9 | 2024-05-09 11:21:43 | Deep Dive |
| CVE-2024-34377 | WordPress Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery plugin <= 1.5.3 - Broken Access Control vulnerability | A WP Life | Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery | Medium | 4.3 | 2024-05-06 18:57:07 | Deep Dive |
| CVE-2024-34382 | WordPress Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.18 - Sensitive Data Exposure vulnerability | RoboSoft | Robo Gallery | Medium | 5.3 | 2024-05-06 17:57:27 | Deep Dive |
| CVE-2024-4033 | All-in-One Video Gallery <= 3.6.4 - Authenticated (Contributor+) Arbitrary File Upload via featured image | plugins360 | All-in-One Video Gallery | High | 8.8 | 2024-05-02 16:52:47 | Deep Dive |