| CVE-2025-47677 | WordPress Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery plugin <= 2.7.7.25 - Cross Site Scripting (XSS) Vulnerability | gt3themes | Photo Gallery | Medium | 6.5 | 2025-05-07 14:20:53 | Deep Dive |
| CVE-2025-27291 | WordPress Photo Gallery – Image Gallery Plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability | uxgallery | WordPress Photo Gallery – Image Gallery | High | 7.1 | 2025-04-17 15:48:06 | Deep Dive |
| CVE-2025-2269 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.34 Reflected Cross-Site Scripting via 'image_id' Parameter | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 6.1 | 2025-04-11 23:21:55 | Deep Dive |
| CVE-2025-32121 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.3 - SQL Injection vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | High | 7.6 | 2025-04-04 15:58:22 | Deep Dive |
| CVE-2025-31586 | WordPress Gallery – Photo Albums Plugin plugin <= 1.3.170 - Stored Cross Site Scripting (XSS) vulnerability | GhozyLab | Gallery – Photo Albums Plugin | Medium | 6.5 | 2025-03-31 12:55:26 | Deep Dive |
| CVE-2025-0613 | Photo Gallery < 1.8.34 - Unauthenticated Stored XSS | Unknown | Photo Gallery by 10Web | 中危 | - | 2025-03-31 06:00:02 | Deep Dive |
| CVE-2025-22672 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | Medium | 4.9 | 2025-03-27 14:11:50 | Deep Dive |
| CVE-2025-26742 | WordPress Gallery for Social Photo plugin <= 1.0.0.35 - Cross Site Scripting (XSS) vulnerability | GhozyLab | Gallery for Social Photo | Medium | 6.5 | 2025-03-25 14:37:52 | Deep Dive |
| CVE-2024-13124 | Photo Gallery by 10Web < 1.8.33 - Admin+ Stored XSS | Unknown | Photo Gallery by 10Web | - | - | 2025-03-24 06:00:07 | Deep Dive |
| CVE-2024-12114 | FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Post/Page Updates | fooplugins | Gallery by FooGallery | Medium | 4.3 | 2025-03-08 05:30:09 | Deep Dive |
| CVE-2024-12119 | FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Authenticated (Custom+) Stored Cross-Site Scripting via Album Title Size | fooplugins | Gallery by FooGallery | Medium | 6.4 | 2025-03-08 05:30:09 | Deep Dive |
| CVE-2024-13906 | Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress <= 4.7.3 - Authenticated (Administrator+) PHP Object Injection | bestwebsoft | Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress | High | 7.2 | 2025-03-07 07:22:24 | Deep Dive |
| CVE-2025-22624 | FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 - Reflected cross-site scripting (XSS) | bradvin | FooGallery - Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel | 中危 | - | 2025-02-27 18:26:27 | Deep Dive |
| CVE-2024-6261 | Image Photo Gallery Final Tiles Grid <= 3.6.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | wpchill | Image Photo Gallery Final Tiles Grid | Medium | 6.4 | 2025-02-27 05:23:05 | Deep Dive |
| CVE-2024-10545 | NextGEN Gallery < 3.59.9 - Admin+ Stored XSS | Unknown | Photo Gallery, Sliders, Proofing and Themes | 低危 | - | 2025-02-25 06:00:05 | Deep Dive |
| CVE-2025-27276 | WordPress Photo Gallery ( Responsive ) plugin <= 4.0 - CSRF to Privilege Escalation vulnerability | lizeipe | Photo Gallery ( Responsive ) | High | 8.8 | 2025-02-24 14:48:47 | Deep Dive |
| CVE-2024-13751 | 3D Photo Gallery <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | labibahmed42 | 3D Photo Gallery | Medium | 6.4 | 2025-02-21 03:21:23 | Deep Dive |
| CVE-2025-24707 | WordPress Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery plugin <= 2.7.7.24 - Reflected Cross Site Scripting (XSS) vulnerability | gt3themes | Photo Gallery | High | 7.1 | 2025-02-03 14:22:50 | Deep Dive |
| CVE-2025-24697 | WordPress Image Gallery – Responsive Photo Gallery plugin <= 1.0.5 - Broken Access Control vulnerability | Realwebcare | Image Gallery – Responsive Photo Gallery | Medium | 6.5 | 2025-02-03 14:22:49 | Deep Dive |
| CVE-2025-23597 | WordPress Rio Photo Gallery plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability | sabareesha | Rio Photo Gallery | High | 7.1 | 2025-01-22 14:29:15 | Deep Dive |