10web — Vulnerabilities & Security Advisories 41

Browse all 41 CVE security advisories affecting 10web. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products 10web:Photo Gallery by 10Web – Mobile-Friendly Image Gallery Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder PhotoGallery Photo Gallery by 10Web 10Web Map Builder for Google Maps 10WebAnalytics SEO by 10Web WDContactFormBuilder WD WidgetTwitter 10Web AI Assistant – AI content writing assistant Slider by 10Web Slider by 10Web – Responsive Image Slider 10Web Social Post Feed Form Maker by 10Web 10Web Booster – Website speed optimization, Cache & Page Speed optimizer

CVE ID	Title	CVSS	Severity	Paused
CVE-2024-29808	WordPress Photo Gallery Plugin <= 1.8.21 Reflected Cross Site Scripting in editimage_bwg image_id — PhotoGalleryCWE-79	5.4	Medium	2024-03-26
CVE-2024-29832	WordPress Photo Gallery Plugin <= 1.8.21 Unauthenticated Reflected Cross Site Scripting in GalleryBox current_url — PhotoGalleryCWE-79	6.1	Medium	2024-03-26
CVE-2024-0221	Photo Gallery by 10Web - Mobile-Friendly Image Gallery <= 1.8.19 - Directory Traversal to Arbitrary File Rename — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-22	9.1	Critical	2024-02-05
CVE-2023-6985	10Web AI Assistant – AI content writing assistant <= 1.0.18 - Missing Authorization to Arbitrary Plugin Installation — 10Web AI Assistant – AI content writing assistantCWE-862	6.5	Medium	2024-02-05
CVE-2024-0667	Form-Maker (twb_form-maker) <= 1.15.21 - Cross-Site Request Forgery to Limited Code Execution via Execute — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-1078	5.4	Medium	2024-01-27
CVE-2023-6924	Photo Gallery by 10Web <= 1.8.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Widget — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79	4.4	Medium	2024-01-11
CVE-2023-5048	WDContactFormBuilder <= 1.0.72 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WDContactFormBuilderCWE-79	6.4	Medium	2023-11-22
CVE-2023-34375	WordPress Seo By 10Web Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS) — SEO by 10WebCWE-79	7.1	High	2023-11-16
CVE-2023-5709	WD WidgetTwitter <= 1.0.9 - Authenticated (Contributor+) SQL Injection via Shortcode — WD WidgetTwitterCWE-89	8.8	High	2023-11-07
CVE-2020-36756	10WebAnalytics <= 1.2.8 - Cross-Site Request Forgery Bypass — 10WebAnalyticsCWE-352	4.3	Medium	2023-07-12
CVE-2021-24310	Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79	4.8	-	2021-06-01

This page lists every published CVE security advisory associated with 10web. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Support Us — Your donation helps us keep running

10web — Vulnerabilities & Security Advisories 41