Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

All-in-One Video Gallery — Vulnerabilities & Security Advisories 11

All 11 CVE vulnerabilities found in All-in-One Video Gallery, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-1706 All-in-One Video Gallery <= 4.7.1 - Reflected Cross-Site Scripting via 'vi' Parameter CWE-79 6.1 Medium2026-03-04
CVE-2025-15516 All-in-One Video Gallery 4.1.0 - 4.6.4 - Missing Authorization to Authenticated (Subscriber+) Limited User Meta Update CWE-862 4.3 Medium2026-01-24
CVE-2025-14947 All-in-One Video Gallery <= 4.6.4 - Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion CWE-862 6.5 Medium2026-01-23
CVE-2025-12957 All-in-One Video Gallery <= 4.5.7 - Authenticated (Author+) Arbitrary File Upload via VTT Upload Bypass CWE-434 8.8 High2026-01-16
CVE-2025-12966 All-in-One Video Gallery 4.5.4 - 4.5.7 – Authenticated (Author+) Arbitrary File Upload via Import ZIP CWE-434 8.8 High2025-12-06
CVE-2024-6629 All-in-One Video Gallery <= 3.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Shortcode CWE-79 6.4 Medium2024-07-24
CVE-2024-31248 WordPress All-in-One Video Gallery plugin <= 3.5.2 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-06-09
CVE-2024-4670 All-in-One Video Gallery <= 3.6.5 - Authenticated (Contributor+) Local File Inclusion via aiovg_search_form Shortcode CWE-98 8.8 High2024-05-15
CVE-2024-4033 All-in-One Video Gallery <= 3.6.4 - Authenticated (Contributor+) Arbitrary File Upload via featured image CWE-434 8.8 High2024-05-02
CVE-2022-2633 WordPress plugin All-in-One Video Gallery 安全漏洞 7.5 High2022-09-06
CVE-2021-24970 All-In-One-Gallery < 2.5.0 - Admin+ Local File Inclusion CWE-22 7.2 -2021-12-13

All 11 known CVE vulnerabilities affecting All-in-One Video Gallery with full Chinese analysis, references, and POCs where available.