| CVE-2024-13584 | Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.19 - Authenticated (Contributor+) Stored Cross-Site Scripting | videowhisper | Picture Gallery – Frontend Image Uploads, AJAX Photo List | Medium | 6.4 | 2025-01-22 03:21:31 | Deep Dive |
| CVE-2024-12696 | Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via videowhisper_picture_upload_guest Shortcode | videowhisper | Picture Gallery – Frontend Image Uploads, AJAX Photo List | Medium | 6.4 | 2025-01-18 07:05:10 | Deep Dive |
| CVE-2025-22317 | WordPress Gallery Images Ape plugin <= 2.2.8 - Reflected Cross Site Scripting (XSS) vulnerability | Gallery Ape | Photo Gallery – Image Gallery by Ape | High | 7.1 | 2025-01-15 15:23:40 | Deep Dive |
| CVE-2024-12403 | Image Gallery – Responsive Photo Gallery <= 1.0.5 - Reflected Cross-Site Scripting | realwebcare | Awesome Responsive Photo Gallery – Image & Video Lightbox Gallery | Medium | 6.1 | 2025-01-15 09:25:55 | Deep Dive |
| CVE-2024-10102 | Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.22 - Contributor+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | 中危 | - | 2025-01-07 06:00:02 | Deep Dive |
| CVE-2024-12237 | Photo Gallery Slideshow & Masonry Tiled Gallery <= 1.0.15 - Authenticated (Subscriber+) Limited Server-Side Request Forgery | nik00726 | Photo Gallery Slideshow & Masonry Tiled Gallery | Medium | 4.3 | 2025-01-03 22:22:06 | Deep Dive |
| CVE-2024-54370 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.0 - Arbitrary File Upload vulnerability | SuitePlugins | Video & Photo Gallery for Ultimate Member | Critical | 9.9 | 2024-12-16 14:31:32 | Deep Dive |
| CVE-2023-33995 | WordPress Photo Gallery by 10Web plugin <= 1.8.15 - Broken Access Control vulnerability | 10Web | Photo Gallery by 10Web | Medium | 4.3 | 2024-12-13 14:23:32 | Deep Dive |
| CVE-2024-12162 | Video & Photo Gallery for Ultimate Member <= 1.1.1 - Reflected Cross-Site Scripting | suiteplugins | Video & Photo Gallery for Ultimate Member | Medium | 6.1 | 2024-12-12 04:23:14 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2024-10704 | Photo Gallery by 10Web < 1.8.31 - Admin+ Stored XSS | Unknown | Photo Gallery by 10Web | 中危 | - | 2024-11-29 06:00:07 | Deep Dive |
| CVE-2024-6393 | NextGEN Gallery < 3.59.5 - Admin+ Stored XSS | Unknown | Photo Gallery, Sliders, Proofing and Themes | - | - | 2024-11-25 06:00:06 | Deep Dive |
| CVE-2024-9878 | Photo Gallery by 10Web <= 1.8.30 - Authenticated (Administrator+) Stored Cross-Site Scripting | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 4.4 | 2024-11-05 09:30:59 | Deep Dive |
| CVE-2024-37095 | WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability | Envira Gallery Team | Envira Photo Gallery | Medium | 4.3 | 2024-11-01 14:18:39 | Deep Dive |
| CVE-2024-43925 | WordPress Envira Gallery Lite plugin <= 1.8.14 - Broken Access Control vulnerability | Envira Gallery Team | Envira Photo Gallery | Medium | 4.3 | 2024-11-01 14:17:20 | Deep Dive |
| CVE-2024-49325 | WordPress Photo Gallery Builder plugin <= 3.0 - Broken Access Control to Notice Dismissal vulnerability | wpdiscover | Photo Gallery Builder | Medium | 4.3 | 2024-10-20 10:40:36 | Deep Dive |
| CVE-2019-25218 | Photo Gallery Slideshow & Masonry Tiled Gallery <= 1.0.3 - Authenticated (Admin+) SQL Injection | nik00726 | Photo Gallery Slideshow & Masonry Tiled Gallery | Medium | 4.9 | 2024-10-19 03:31:08 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-5968 | Photo Gallery by 10Web <= 1.8.27 - Admin+ Stored XSS | Unknown | Photo Gallery by 10Web | - | - | 2024-10-09 06:00:05 | Deep Dive |
| CVE-2024-8431 | Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.21 - Missing Authorization to Authenticated (Subscriber+) Private Gallery Title Disclosure | robosoft | Robo Gallery – Photo & Image Slider | Medium | 4.3 | 2024-10-08 11:34:19 | Deep Dive |