All 3 CVE vulnerabilities found in ImagePress – Image Gallery, with AI-generated Chinese analysis, references, and POCs.
Vendor: butterflymedia
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9776 | ImagePress - Image Gallery <= 1.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings CWE-79 | 4.4 | Medium | 2024-10-12 |
| CVE-2024-9778 | ImagePress – Image Gallery <= 1.2.2 - Cross-Site Request Forgery to Plugin Settings Update CWE-352 | 4.3 | Medium | 2024-10-12 |
| CVE-2024-9824 | ImagePress - Image Gallery <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Post Title Update CWE-862 | 4.3 | Medium | 2024-10-12 |
All 3 known CVE vulnerabilities affecting ImagePress – Image Gallery with full Chinese analysis, references, and POCs where available.