| CVE-2024-1897 | Grid Gallery – Photo Image Grid Gallery <= 1.4.3 - Authenticated (Contributor+) PHP Object Injection via shortcode | awordpresslife | Grid Gallery for Images | High | 7.5 | 2024-05-02 16:51:59 | Deep Dive |
| CVE-2024-1896 | Photo Gallery <= 1.4.2 - Authenticated(Contributor+) PHP Object Injection via Shortcode | awordpresslife | Photo Gallery for Images | High | 7.5 | 2024-05-02 16:51:47 | Deep Dive |
| CVE-2024-33586 | WordPress Photo Gallery by 10Web plugin <= 1.8.20 - Broken Access Control vulnerability | Photo Gallery Team | Photo Gallery by 10Web | Medium | 5.3 | 2024-04-29 12:42:29 | Deep Dive |
| CVE-2024-4035 | Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery <= 2.7.7.21 - Authenticated (Author+) Cross-Site Scripting | gt3themes | Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery | Medium | 6.4 | 2024-04-25 09:29:58 | Deep Dive |
| CVE-2024-3988 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Sina Fancy Text Widget | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-04-25 07:33:59 | Deep Dive |
| CVE-2024-32583 | WordPress Photo Gallery by 10Web plugin <= 1.8.21 - Reflected Cross Site Scripting (XSS) vulnerability | Photo Gallery Team | Photo Gallery by 10Web | High | 7.1 | 2024-04-18 09:20:09 | Deep Dive |
| CVE-2024-31354 | WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerability | Tribulant | Slideshow Gallery | Medium | 4.3 | 2024-04-12 12:24:46 | Deep Dive |
| CVE-2024-3285 | Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows <= 3.70.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider Shortcode | metaslider | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | Medium | 6.4 | 2024-04-11 07:31:36 | Deep Dive |
| CVE-2024-31355 | WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability | Tribulant | Slideshow Gallery | High | 8.5 | 2024-04-10 16:23:53 | Deep Dive |
| CVE-2024-31342 | WordPress Gallery Exporter plugin <= 1.3 - Arbitrary File Download vulnerability | WPcloudgallery | WordPress Gallery Exporter | Medium | 6.5 | 2024-04-10 16:14:56 | Deep Dive |
| CVE-2024-31353 | WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Sensitive Data Exposure vulnerability | Tribulant | Slideshow Gallery | Medium | 5.3 | 2024-04-10 15:30:54 | Deep Dive |
| CVE-2024-3020 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Admin+) PHP Object Injection | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | High | 7.2 | 2024-04-10 04:30:22 | Deep Dive |
| CVE-2024-3235 | Essential Grid <= 3.1.1 - Unauthenticated Private Post Disclosure | ThemePunch | Essential Grid Gallery WordPress Plugin | Medium | 5.3 | 2024-04-10 04:30:21 | Deep Dive |
| CVE-2024-2081 | FooGallery <= 2.4.14 - Authenticated (Author+) Stored Cross-Site Scripting | fooplugins | Gallery by FooGallery | Medium | 6.4 | 2024-04-09 18:59:29 | Deep Dive |
| CVE-2024-3097 | WordPress Gallery Plugin – NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure | smub | Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery | Medium | 5.3 | 2024-04-09 18:58:59 | Deep Dive |
| CVE-2024-21424 | Azure Compute Gallery Elevation of Privilege Vulnerability | Microsoft | Azure Compute Gallery | Medium | 6.5 | 2024-04-09 17:00:09 | Deep Dive |
| CVE-2024-1664 | Responsive Gallery Grid < 2.3.11 - Admin+ Stored XSS | Unknown | Responsive Gallery Grid | - | - | 2024-04-09 05:00:02 | Deep Dive |
| CVE-2024-2296 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.21 - Authenticated (Admin+) Stored Cross-Site Scripting via SVG | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 5.5 | 2024-04-06 08:38:54 | Deep Dive |
| CVE-2024-2949 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sp_wp_carousel_shortcode' | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | Medium | 6.4 | 2024-04-06 06:47:19 | Deep Dive |
| CVE-2024-2471 | FooGallery <= 2.4.14 - Authenticated (Author+) Stored Cross-Site Scripting via Image Attachment Fields | fooplugins | Gallery by FooGallery | Medium | 6.4 | 2024-04-06 05:37:15 | Deep Dive |