| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-2823 | Slider, Gallery, and Carousel by MetaSlider < 3.27.9 - Admin+ Stored Cross Site Scripting | Unknown | Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Plugin | 中危 | - | 2022-10-10 00:00:00 | Deep Dive |
| CVE-2022-38135 | WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability | Dean Oakley | Photospace Gallery (WordPress plugin) | Medium | 5.4 | 2022-09-12 19:24:03 | Deep Dive |
| CVE-2022-37407 | WordPress Gallery PhotoBlocks plugin <= 1.2.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities | WPChill | Gallery PhotoBlocks (WordPress plugin) | Medium | 4.1 | 2022-09-09 14:40:07 | Deep Dive |
| CVE-2022-36292 | WordPress Gallery PhotoBlocks plugin <= 1.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities | WPChill | Gallery PhotoBlocks (WordPress plugin) | Medium | 5.4 | 2022-08-23 15:48:17 | Deep Dive |
| CVE-2022-35726 | WordPress Video Gallery plugin <= 1.3.4.5 - Broken Authentication vulnerability | yotuwp | Video Gallery (WordPress plugin) | Medium | 4.3 | 2022-08-23 15:47:56 | Deep Dive |
| CVE-2022-36394 | WordPress Contest Gallery plugin <= 17.0.4 - Authenticated SQL Injection (SQLi) vulnerability | Contest Gallery | Contest Gallery (WordPress plugin) | High | 7.6 | 2022-08-23 15:47:28 | Deep Dive |
| CVE-2021-36891 | WordPress Photo Gallery by Supsystic plugin <= 1.15.5 - Cross-Site Request Forgery (CSRF) leading to Plugin Settings Change | Supsystic | Photo Gallery by Supsystic (WordPress plugin) | Medium | 5.4 | 2022-06-15 19:16:58 | Deep Dive |
| CVE-2022-27853 | WordPress Contest Gallery plugin <= 13.1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | Contest Gallery | Contest Gallery (WordPress plugin) | Medium | 4.8 | 2022-04-18 16:20:34 | Deep Dive |
| CVE-2021-24867 | Backdoored Plugins & Themes from AccessPress Themes | AccessPress Themes | Frontend Post WordPress Plugin – AccessPress Anonymous Post | 超危 | - | 2022-02-21 10:45:39 | Deep Dive |
| CVE-2021-24915 | Contest Gallery < 13.1.0.6 - Missing Access Controls to Unauthenticated SQL injection / Email Address Disclosure | Unknown | Contest Gallery – Photo Contest Plugin for WordPress | 超危 | - | 2021-11-29 08:25:50 | Deep Dive |
| CVE-2021-24415 | Polo Video Gallery <= 1.2 - Contributor+ Stored Cross-Site Scripting | Unknown | Polo Video Gallery – Best wordpress video gallery plugin | 中危 | - | 2021-10-18 13:45:40 | Deep Dive |