Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Contest Gallery — Vulnerabilities & Security Advisories 32

All 32 CVE vulnerabilities found in Contest Gallery, with AI-generated Chinese analysis, references, and POCs.

Vendor: Contest-Gallery

CVE IDTitleCVSSSeverityPaused
CVE-2026-25035 WordPress Contest Gallery plugin <= 28.1.2.2 - Account Takeover vulnerability CWE-288 9.8 Critical2026-03-25
CVE-2026-24964 WordPress Contest Gallery plugin <= 28.1.2.1 - Server Side Request Forgery (SSRF) vulnerability CWE-918 6.4 Medium2026-03-25
CVE-2026-24965 WordPress Contest Gallery plugin <= 28.1.1 - Broken Access Control vulnerability CWE-862 8.2AIHighAI2026-02-03
CVE-2025-62950 WordPress Contest Gallery plugin <= 28.0.0 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 4.3 Medium2025-11-06
CVE-2025-48291 WordPress Contest Gallery <= 26.0.6 - Cross Site Scripting (XSS) Vulnerability CWE-79 7.1 High2025-07-16
CVE-2025-22693 WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability CWE-89 7.6 High2025-02-03
CVE-2024-56237 WordPress Contest Gallery plugin <= 24.0.3 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2025-01-02
CVE-2024-43283 WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerability CWE-201 5.3 Medium2024-08-26
CVE-2024-39631 WordPress Contest Gallery plugin <= 23.1.2 - Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2024-08-01
CVE-2024-32778 WordPress Contest Gallery plugin <= 21.3.4 - Arbitrary File Deletion vulnerability CWE-22 8.5 High2024-06-09
CVE-2024-30428 WordPress Contest Gallery plugin <= 24.0.3 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2024-03-29
CVE-2024-30236 WordPress Contest Gallery plugin <= 21.3.4 - SQL Injection vulnerability CWE-89 8.5 High2024-03-28
CVE-2024-30238 WordPress Photos and Files Contest Gallery plugin <= 21.3.2 - SQL Injection vulnerability CWE-89 8.5 High2024-03-27
CVE-2023-28784 WordPress Contest Gallery Plugin <= 21.1.2 is vulnerable to Cross Site Scripting (XSS) CWE-79 7.1 High2023-06-22
CVE-2022-4160 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4151 Contest Gallery < 19.1.5 - Admin+ SQL Injection 6.5 -2022-12-26
CVE-2022-4159 Contest Gallery < 19.1.5.1 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4152 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4162 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4164 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4156 Contest Gallery < 19.1.5.1 - Unauthenticated SQL Injection 6.5 -2022-12-26
CVE-2022-4163 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4166 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4150 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4158 Contest Gallery < 19.1.5 - Unauthenticated SQL Injection 7.5 -2022-12-26
CVE-2022-4165 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4155 Contest Gallery < 19.1.5 - Admin+ SQL Injection 4.9 -2022-12-26
CVE-2022-4157 Contest Gallery < 19.1.5 - Admin+ SQL Injection 4.9 -2022-12-26
CVE-2022-4153 Contest Gallery < 19.1.5.1 - Author+ SQL Injection 6.5 -2022-12-26
CVE-2022-4161 Contest Gallery < 19.1.5 - Author+ SQL Injection 6.5 -2022-12-26

All 32 known CVE vulnerabilities affecting Contest Gallery with full Chinese analysis, references, and POCs where available.