| CVE-2025-13322 | WP AUDIO GALLERY <= 2.0 - Authenticated (Subscriber+) Arbitrary File Deletion via 'audio_upload' Parameter | husainali52 | WP AUDIO GALLERY | High | 8.1 | 2025-11-21 07:31:46 | Deep Dive |
| CVE-2025-5092 | Multiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript Library | lightgalleryteam | LightGallery WP | Medium | 6.4 | 2025-11-20 06:38:42 | Deep Dive |
| CVE-2025-12359 | Responsive Lightbox & Gallery <= 2.5.3 - Authenticated (Author+) Server-Side Request Forgery | dfactory | Responsive Lightbox & Gallery | Medium | 5.4 | 2025-11-19 05:45:15 | Deep Dive |
| CVE-2025-12691 | Photonic Gallery & Lightbox for Flickr, SmugMug & Others <= 3.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Caption Attribute | sayontan | Photonic Gallery & Lightbox for Flickr, SmugMug & Others | Medium | 6.4 | 2025-11-18 09:27:40 | Deep Dive |
| CVE-2025-12849 | Contest Gallery <= 28.0.2 - Missing Authorization | contest-gallery | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | Medium | 5.3 | 2025-11-15 06:41:31 | Deep Dive |
| CVE-2025-12494 | Image Gallery – Photo Grid & Video Gallery <= 2.12.28 - Improper Authorization to Authenticated (Author+) Arbitrary Image File Move | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | Medium | 4.3 | 2025-11-15 05:45:34 | Deep Dive |
| CVE-2025-12377 | Gallery Plugin for WordPress – Envira Photo Gallery <= 1.12.0 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions | smub | Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More | Medium | 4.3 | 2025-11-13 11:29:03 | Deep Dive |
| CVE-2025-11448 | Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion | smub | Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More | Medium | 4.3 | 2025-11-08 09:28:11 | Deep Dive |
| CVE-2025-62950 | WordPress Contest Gallery plugin <= 28.0.0 - Cross Site Request Forgery (CSRF) vulnerability | Wasiliy Strecker / ContestGallery developer | Contest Gallery | Medium | 4.3 | 2025-11-06 15:56:05 | Deep Dive |
| CVE-2025-49394 | WordPress Image Gallery block – Create and display photo gallery/photo album. plugin <= 1.0.7 - Broken Authentication vulnerability | bPlugins | Image Gallery block – Create and display photo gallery/photo album. | High | 7.1 | 2025-11-06 15:53:53 | Deep Dive |
| CVE-2025-62910 | WordPress Video Gallery by Huzzaz plugin <= 10.5 - Cross Site Scripting (XSS) vulnerability | deshine | Video Gallery by Huzzaz | Medium | 6.5 | 2025-10-27 01:33:54 | Deep Dive |
| CVE-2025-10637 | Social Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure | quadlayers | Social Feed Gallery | Medium | 5.3 | 2025-10-25 06:49:24 | Deep Dive |
| CVE-2025-11834 | WP AD Gallery <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | wiellyam | WP AD Gallery | Medium | 6.4 | 2025-10-22 08:27:03 | Deep Dive |
| CVE-2017-20207 | Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection | Dan Coulter | Flickr Gallery | Critical | 9.8 | 2025-10-18 03:33:25 | Deep Dive |
| CVE-2025-59292 | Azure Compute Gallery Elevation of Privilege Vulnerability | Microsoft | Azure Compute Gallery | High | 8.2 | 2025-10-14 17:00:51 | Deep Dive |
| CVE-2025-59291 | Confidential Azure Container Instances Elevation of Privilege Vulnerability | Microsoft | Azure Compute Gallery | High | 8.2 | 2025-10-14 17:00:50 | Deep Dive |
| CVE-2025-11254 | Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.3 - Unauthenticated CSV Injection | contest-gallery | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | Medium | 4.3 | 2025-10-11 08:29:16 | Deep Dive |
| CVE-2025-9710 | Responsive Lightbox & Gallery < 2.5.3 - Unauthenticated Stored-XSS via Comments | Unknown | Responsive Lightbox & Gallery | - | - | 2025-10-06 06:00:07 | Deep Dive |
| CVE-2025-10383 | Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.2 - Authenticated (Author+) Stored Cross-Site Scripting | contest-gallery | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | Medium | 6.4 | 2025-10-04 03:33:32 | Deep Dive |
| CVE-2025-9199 | Woo superb slideshow transition gallery with random effect <= 9.1 - Authenticated (Contributor+) SQL Injection | gopiplus | Woo superb slideshow transition gallery with random effect | Medium | 6.5 | 2025-10-03 11:17:16 | Deep Dive |