| CVE-2024-3020 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Admin+) PHP Object Injection | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | High | 7.2 | 2024-04-10 04:30:22 | Deep Dive |
| CVE-2024-2296 | Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.21 - Authenticated (Admin+) Stored Cross-Site Scripting via SVG | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 5.5 | 2024-04-06 08:38:54 | Deep Dive |
| CVE-2024-2949 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sp_wp_carousel_shortcode' | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | Medium | 6.4 | 2024-04-06 06:47:19 | Deep Dive |
| CVE-2024-29921 | WordPress Photo Gallery by Supsystic plugin <= 1.15.16 - Cross Site Scripting (XSS) vulnerability | supsystic | Photo Gallery by Supsystic | Medium | 5.9 | 2024-03-27 07:14:51 | Deep Dive |
| CVE-2024-29919 | WordPress Photo Gallery by Ays Plugin <=5.5.2 - Reflected Cross Site Scripting (XSS) vulnerability | Photo Gallery Team | Photo Gallery by Ays | High | 7.1 | 2024-03-27 07:11:56 | Deep Dive |
| CVE-2024-0221 | Photo Gallery by 10Web - Mobile-Friendly Image Gallery <= 1.8.19 - Directory Traversal to Arbitrary File Rename | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Critical | 9.1 | 2024-02-05 21:21:40 | Deep Dive |
| CVE-2024-22295 | WordPress Robo Gallery Plugin <= 3.2.17 is vulnerable to Cross Site Scripting (XSS) | RoboSoft | Photo Gallery, Images, Slider in Rbs Image Gallery | Medium | 5.9 | 2024-01-31 17:30:41 | Deep Dive |
| CVE-2023-6742 | Envira Gallery Lite <= 1.8.7.2 - Missing Authorization to Gallery Modification via envira_gallery_insert_images | smub | Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More | Medium | 4.3 | 2024-01-11 08:32:33 | Deep Dive |
| CVE-2023-6924 | Photo Gallery by 10Web <= 1.8.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Widget | 10web | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | Medium | 4.4 | 2024-01-11 08:32:29 | Deep Dive |
| CVE-2022-47588 | WordPress Simple Photo Gallery Plugin <= v1.8.1 is vulnerable to SQL Injection | Tips and Tricks HQ, Peter Petreski | Simple Photo Gallery | 超危 | - | 2023-11-03 11:14:44 | Deep Dive |
| CVE-2023-39917 | WordPress Photo Gallery by Ays Plugin <= 5.2.6 is vulnerable to Cross Site Request Forgery (CSRF) | Photo Gallery Team | Photo Gallery by Ays – Responsive Image Gallery | Medium | 4.3 | 2023-10-03 11:14:29 | Deep Dive |
| CVE-2023-41658 | WordPress Photo Gallery Slideshow & Masonry Tiled Gallery Plugin <= 1.0.13 is vulnerable to Cross Site Scripting (XSS) | I Thirteen Web Solution | Photo Gallery Slideshow & Masonry Tiled Gallery | High | 7.1 | 2023-09-29 13:33:02 | Deep Dive |
| CVE-2023-3499 | Robo Gallery < 3.2.16 - Admin+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | 中危 | - | 2023-09-04 11:27:01 | Deep Dive |
| CVE-2023-32107 | WordPress Photo Gallery by Ays Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS) | Photo Gallery Team | Photo Gallery by Ays – Responsive Image Gallery | High | 7.1 | 2023-08-18 14:00:03 | Deep Dive |
| CVE-2023-3957 | ACF Photo Gallery Field <= 1.9 - Authenticated (Subscriber+) Arbitrary Usermeta Update | navzme | ACF Photo Gallery Field | Medium | 4.3 | 2023-07-27 06:54:16 | Deep Dive |
| CVE-2023-3538 | SimplePHPscripts Photo Gallery PHP URL Parameter preview.php cross site scripting | SimplePHPscripts | Photo Gallery PHP | Low | 3.5 | 2023-07-07 14:00:05 | Deep Dive |
| CVE-2021-4384 | WordPress Photo Gallery – Image Gallery <= 1.0.6 - Cross-Site Request Forgery Bypass | origincode | WordPress Photo Gallery – Image Gallery | Medium | 4.3 | 2023-07-01 03:30:12 | Deep Dive |
| CVE-2023-2568 | Photo Gallery by Ays < 5.1.7 - Reflected XSS | Unknown | Photo Gallery by Ays | 中危 | - | 2023-06-12 17:28:23 | Deep Dive |
| CVE-2023-2402 | Photo Gallery Slideshow & Masonry Tiled Gallery <= 1.0.13 - Reflected Cross-Site Scripting | nik00726 | Photo Gallery Slideshow & Masonry Tiled Gallery | Medium | 6.1 | 2023-06-09 05:33:18 | Deep Dive |
| CVE-2023-24414 | WordPress Robo Gallery Plugin <= 3.2.11 is vulnerable to Cross Site Request Forgery (CSRF) | RoboSoft | Photo Gallery, Images, Slider in Rbs Image Gallery | Medium | 4.3 | 2023-05-20 22:08:56 | Deep Dive |