| CVE-2024-0604 | Best WordPress Gallery Plugin – FooGallery <= 2.4.7 -Authenticated(Administrator+) Stored Cross-Site Scripting via settings | fooplugins | Gallery by FooGallery | Medium | 4.4 | 2024-02-20 18:56:47 | Deep Dive |
| CVE-2024-24887 | WordPress Contest Gallery Plugin <= 21.2.8.4 is vulnerable to Cross Site Request Forgery (CSRF) | Contest Gallery | Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress | Medium | 5.4 | 2024-02-12 08:43:27 | Deep Dive |
| CVE-2024-20827 | SAMSUNG Mobile devices 安全漏洞 | Samsung Mobile | Gallery | Medium | 4.6 | 2024-02-06 02:23:18 | Deep Dive |
| CVE-2024-0221 | Photo Gallery by 10Web - Mobile-Friendly Image Gallery <= 1.8.19 - Directory Traversal to Arbitrary File Rename | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Critical | 9.1 | 2024-02-05 21:21:40 | Deep Dive |
| CVE-2024-22150 | WordPress Post Grid, Image Gallery & Portfolio for Elementor | PowerFolio Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS) | PWR Plugins | Portfolio & Image Gallery for WordPress | PowerFolio | Medium | 6.5 | 2024-01-31 18:18:31 | Deep Dive |
| CVE-2024-22295 | WordPress Robo Gallery Plugin <= 3.2.17 is vulnerable to Cross Site Scripting (XSS) | RoboSoft | Photo Gallery, Images, Slider in Rbs Image Gallery | Medium | 5.9 | 2024-01-31 17:30:41 | Deep Dive |
| CVE-2023-6742 | Envira Gallery Lite <= 1.8.7.2 - Missing Authorization to Gallery Modification via envira_gallery_insert_images | smub | Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More | Medium | 4.3 | 2024-01-11 08:32:33 | Deep Dive |
| CVE-2023-6924 | Photo Gallery by 10Web <= 1.8.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Widget | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 4.4 | 2024-01-11 08:32:29 | Deep Dive |
| CVE-2023-6883 | Easy Social Feed <= 6.5.2 - Missing Authorization to Settings Modification | sjaved | Easy Social Feed – Social Photos Gallery and Post Feed for WordPress | Medium | 4.3 | 2024-01-11 06:49:33 | Deep Dive |
| CVE-2023-6747 | FooGallery Premium <= 2.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | https://fooplugins.com | FooGallery Premium | Medium | 6.4 | 2024-01-03 08:29:49 | Deep Dive |
| CVE-2023-7130 | code-projects College Notes Gallery login.php sql injection | code-projects | College Notes Gallery | Medium | 6.3 | 2023-12-31 08:48:29 | Deep Dive |
| CVE-2023-51373 | WordPress Google Photos Gallery with Shortcodes Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) | Ian Kennerley | Google Photos Gallery with Shortcodes | High | 7.1 | 2023-12-29 10:55:28 | Deep Dive |
| CVE-2023-28491 | WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to SQL Injection | Tribulant | Slideshow Gallery LITE | Medium | 6.7 | 2023-12-20 17:23:20 | Deep Dive |
| CVE-2023-49178 | WordPress HDW Player Plugin (Video Player & Video Gallery) Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS) | Mr. Hdwplayer | HDW Player Plugin (Video Player & Video Gallery) | High | 7.1 | 2023-12-15 14:40:47 | Deep Dive |
| CVE-2023-49174 | WordPress Responsive Lightbox Plugin <= 2.4.5 is vulnerable to Cross Site Scripting (XSS) | dFactory | Responsive Lightbox & Gallery | Medium | 5.9 | 2023-12-15 14:14:23 | Deep Dive |
| CVE-2023-48771 | WordPress File Gallery Plugin <= 1.8.5.4 is vulnerable to Cross Site Scripting (XSS) | Bruno "Aesqe" Babic | File Gallery | High | 7.1 | 2023-12-14 16:54:42 | Deep Dive |
| CVE-2023-47548 | WordPress Integrate Google Drive Plugin <= 1.3.2 is vulnerable to Open Redirection | SoftLab | Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site | Medium | 4.7 | 2023-12-07 12:15:07 | Deep Dive |
| CVE-2023-48328 | WordPress NextGEN Gallery Plugin <= 3.37 is vulnerable to Cross Site Request Forgery (CSRF) | Imagely | WordPress Gallery Plugin – NextGEN Gallery | Medium | 4.3 | 2023-11-30 16:05:37 | Deep Dive |
| CVE-2023-28497 | WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF) | Tribulant | Slideshow Gallery LITE | Medium | 5.4 | 2023-11-12 22:01:56 | Deep Dive |
| CVE-2023-45069 | WordPress Video Gallery – YouTube Gallery Plugin <= 2.1.3 is vulnerable to SQL Injection | Video Gallery by Total-Soft | Video Gallery – Best WordPress YouTube Gallery Plugin | 超危 | - | 2023-11-06 08:42:03 | Deep Dive |