Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 648 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-24965 WordPress Contest Gallery plugin <= 28.1.1 - Broken Access Control vulnerability Wasiliy Strecker / ContestGallery developerContest Gallery--2026-02-03 14:08:35 Deep Dive
CVE-2026-24939 WordPress Modula Image Gallery plugin <= 2.13.6 - Broken Access Control vulnerability WP ChillModula Image Gallery--2026-02-03 14:08:33 Deep Dive
CVE-2025-15516 All-in-One Video Gallery 4.1.0 - 4.6.4 - Missing Authorization to Authenticated (Subscriber+) Limited User Meta Update plugins360All-in-One Video Gallery Medium 4.3 2026-01-24 08:26:33 Deep Dive
CVE-2025-14906 WP Youtube Video Gallery <= 1.0 - Cross-Site Request Forgery to Plugin Settings Update waqasvickey0071WP Youtube Video Gallery Medium 4.3 2026-01-24 07:26:42 Deep Dive
CVE-2025-14947 All-in-One Video Gallery <= 4.6.4 - Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion plugins360All-in-One Video Gallery Medium 6.5 2026-01-23 17:26:07 Deep Dive
CVE-2026-24389 WordPress Gallery PhotoBlocks plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability WP ChillGallery PhotoBlocks--2026-01-22 16:52:48 Deep Dive
CVE-2026-23976 WordPress Modula Image Gallery plugin <= 2.13.4 - Cross Site Scripting (XSS) vulnerability WP ChillModula Image Gallery Medium 5.9 2026-01-22 16:52:43 Deep Dive
CVE-2025-53240 WordPress WordPress Photo Gallery plugin <= 1.1.0 - Cross Site Scripting (XSS) Vulnerability adamlabsWordPress Photo Gallery High 7.1 2026-01-22 16:51:45 Deep Dive
CVE-2025-49049 WordPress DZS Video Gallery plugin <= 12.39 - SQL Injection vulnerability ZoomItDZS Video Gallery High 8.5 2026-01-22 16:51:42 Deep Dive
CVE-2026-1036 Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.36 - Missing Authorization to Unauthenticated Arbitrary Comment Deletion 10webPhoto Gallery by 10Web – Mobile-Friendly Image Gallery Medium 5.3 2026-01-21 23:23:28 Deep Dive
CVE-2025-15466 Image Photo Gallery Final Tiles Grid <= 3.6.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Gallery Management wpchillImage Photo Gallery Final Tiles Grid Medium 5.4 2026-01-19 23:21:53 Deep Dive
CVE-2025-12957 All-in-One Video Gallery <= 4.5.7 - Authenticated (Author+) Arbitrary File Upload via VTT Upload Bypass plugins360All-in-One Video Gallery High 8.8 2026-01-16 04:44:35 Deep Dive
CVE-2026-22486 WordPress Re Gallery plugin <= 1.18.9 - Broken Access Control vulnerability HakobRe Gallery Medium 5.3 2026-01-08 16:46:03 Deep Dive
CVE-2025-27004 WordPress Famous - Responsive Image And Video Grid Gallery WordPress Plugin plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability LambertGroupFamous - Responsive Image And Video Grid Gallery WordPress Plugin High 7.1 2026-01-08 09:17:42 Deep Dive
CVE-2025-47552 WordPress DZS Video Gallery plugin <= 12.39 - PHP Object Injection vulnerability Digital zoom studioDZS Video Gallery Critical 9.8 2026-01-07 12:38:11 Deep Dive
CVE-2025-32300 WordPress DZS Video Gallery plugin <= 12.39 - Cross Site Scripting (XSS) vulnerability Digital zoom studioDZS Video Gallery High 7.1 2026-01-07 12:06:37 Deep Dive
CVE-2025-14453 My Album Gallery <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'style_css' Shortcode Attribute ruhul080My Album Gallery Medium 6.4 2026-01-07 09:20:59 Deep Dive
CVE-2025-13848 STM Gallery 1.9 <= 0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes sergiotocaSTM Gallery 1.9 Medium 6.4 2026-01-07 09:20:54 Deep Dive
CVE-2025-14796 My Album Gallery <= 1.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title ruhul080My Album Gallery Medium 6.4 2026-01-07 09:20:53 Deep Dive
CVE-2025-47553 WordPress DZS Video Gallery plugin <= 12.39 - PHP Object Injection vulnerability Digital zoom studioDZS Video Gallery High 8.8 2026-01-06 16:47:41 Deep Dive