WP Easy Gallery – WordPress Gallery Plugin — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in WP Easy Gallery – WordPress Gallery Plugin, with AI-generated Chinese analysis, references, and POCs.

Vendor: hahncgdev

CVE ID	Title	CVSS	Severity	Paused
CVE-2024-9018	WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter CWE-89	8.8	High	2024-10-01
CVE-2024-8436	WP Easy Gallery – WordPress Gallery Plugin <= 4.8.5 - Authenticated (Subscriber+) SQL Injection CWE-89	9.9	Critical	2024-09-24
CVE-2024-8437	WP Easy Gallery – WordPress Gallery Plugin <= 4.8.5 - Missing Authorization to Authenticated (Subscriber+) Gallery Manipulation CWE-862	4.3	Medium	2024-09-24

All 3 known CVE vulnerabilities affecting WP Easy Gallery – WordPress Gallery Plugin with full Chinese analysis, references, and POCs where available.

Support Us — Your donation helps us keep running

WP Easy Gallery – WordPress Gallery Plugin — Vulnerabilities & Security Advisories 3