| CVE-2024-3710 | Image Photo Gallery Final Tiles Grid < 3.6.0 - Contributor+ Stored XSS | Unknown | Image Photo Gallery Final Tiles Grid | - | - | 2024-07-13 06:00:04 | Deep Dive |
| CVE-2024-37542 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability | WpDevArt | Responsive Image Gallery, Gallery Album | Medium | 5.4 | 2024-07-06 12:40:29 | Deep Dive |
| CVE-2024-5424 | Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via galleryID and className Parameters | gallerycreator | Mixed Media Gallery Blocks | Medium | 6.4 | 2024-06-28 08:33:28 | Deep Dive |
| CVE-2024-6262 | Portfolio Gallery – Image Gallery Plugin <= 1.6.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | awordpresslife | Portfolio Filter Gallery | Medium | 6.4 | 2024-06-27 11:03:35 | Deep Dive |
| CVE-2024-3894 | Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.19 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title | robosoft | Robo Gallery – Photo & Image Slider | Medium | 6.4 | 2024-06-19 06:55:46 | Deep Dive |
| CVE-2024-5343 | Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.19 - Cross-Site Request Forgery to Post Creation and Limited Data Loss | robosoft | Robo Gallery – Photo & Image Slider | High | 8.8 | 2024-06-19 05:37:43 | Deep Dive |
| CVE-2024-2122 | FooGallery <= 2.4.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Custom URL | fooplugins | Gallery by FooGallery | Medium | 6.4 | 2024-06-14 05:39:16 | Deep Dive |
| CVE-2024-35721 | WordPress Image Gallery plugin <= 1.4.5 - Broken Access Control vulnerability | A WP Life | Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery | Medium | 4.3 | 2024-06-10 07:57:49 | Deep Dive |
| CVE-2024-35722 | WordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.4.0 - Broken Access Control vulnerability | A WP Life | Slider Responsive Slideshow – Image slider, Gallery slideshow | Medium | 4.3 | 2024-06-10 07:56:46 | Deep Dive |
| CVE-2024-35750 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability | wpdevart | Responsive Image Gallery, Gallery Album | High | 8.5 | 2024-06-08 12:37:31 | Deep Dive |
| CVE-2024-5481 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 6.8 | 2024-06-07 09:33:36 | Deep Dive |
| CVE-2024-5426 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Zipped SVG | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 6.4 | 2024-06-07 09:33:35 | Deep Dive |
| CVE-2024-4194 | Album and Image Gallery plus Lightbox <= 2.0 - Unauthenticated Arbitrary Shortcode Execution | essentialplugin | Album and Image Gallery Plus Lightbox | Medium | 6.5 | 2024-06-06 02:02:57 | Deep Dive |
| CVE-2024-1897 | Grid Gallery – Photo Image Grid Gallery <= 1.4.3 - Authenticated (Contributor+) PHP Object Injection via shortcode | awordpresslife | Grid Gallery for Images | High | 7.5 | 2024-05-02 16:51:59 | Deep Dive |
| CVE-2024-1896 | Photo Gallery <= 1.4.2 - Authenticated(Contributor+) PHP Object Injection via Shortcode | awordpresslife | Photo Gallery for Images | High | 7.5 | 2024-05-02 16:51:47 | Deep Dive |
| CVE-2024-4035 | Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery <= 2.7.7.21 - Authenticated (Author+) Cross-Site Scripting | gt3themes | Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery | Medium | 6.4 | 2024-04-25 09:29:58 | Deep Dive |
| CVE-2024-3020 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Admin+) PHP Object Injection | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | High | 7.2 | 2024-04-10 04:30:22 | Deep Dive |
| CVE-2024-2296 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.21 - Authenticated (Admin+) Stored Cross-Site Scripting via SVG | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 5.5 | 2024-04-06 08:38:54 | Deep Dive |
| CVE-2024-2949 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sp_wp_carousel_shortcode' | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | Medium | 6.4 | 2024-04-06 06:47:19 | Deep Dive |
| CVE-2024-3129 | SourceCodester Image Accordion Gallery App add-image.php unrestricted upload | SourceCodester | Image Accordion Gallery App | Medium | 6.3 | 2024-04-01 16:00:06 | Deep Dive |