Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

fooplugins — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting fooplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by fooplugins:Gallery by FooGalleryFooGalleryLightbox & Modal Popup WordPress Plugin – FooBoxBest Image Gallery & Responsive Photo Gallery – FooGalleryBest WordPress Gallery Plugin – FooGalleryFooBox Image Lightbox
CVE IDTitleCVSSSeverityPublished
CVE-2026-25363 WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability — FooGalleryCWE-862 4.3 Medium2026-02-19
CVE-2026-25362 WordPress FooGallery plugin <= 3.1.11 - Cross Site Scripting (XSS) vulnerability — FooGalleryCWE-79 5.9 Medium2026-02-19
CVE-2025-15524 Gallery by FooGallery <= 3.1.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Gallery Metadata Exposure — Gallery by FooGalleryCWE-862 4.3 Medium2026-02-11
CVE-2025-6068 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — Gallery by FooGalleryCWE-79 6.4 Medium2025-07-11
CVE-2025-5537 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting — Lightbox & Modal Popup WordPress Plugin – FooBoxCWE-79 6.4 Medium2025-07-08
CVE-2025-32139 WordPress Lightbox & Modal Popup WordPress Plugin – FooBox plugin <= 2.7.33 - Cross Site Scripting (XSS) vulnerability — FooBox Image LightboxCWE-79 5.9 Medium2025-04-10
CVE-2024-12119 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Authenticated (Custom+) Stored Cross-Site Scripting via Album Title Size — Gallery by FooGalleryCWE-79 6.4 Medium2025-03-08
CVE-2024-12114 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Post/Page Updates — Gallery by FooGalleryCWE-639 4.3 Medium2025-03-08
CVE-2024-5668 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.28 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via HTML Data Attributes — Lightbox & Modal Popup WordPress Plugin – FooBoxCWE-79 6.4 Medium2024-08-08
CVE-2024-2122 FooGallery <= 2.4.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Custom URL — Gallery by FooGalleryCWE-79 6.4 Medium2024-06-14
CVE-2024-2081 FooGallery <= 2.4.14 - Authenticated (Author+) Stored Cross-Site Scripting — Gallery by FooGalleryCWE-79 6.4 Medium2024-04-09
CVE-2024-2471 FooGallery <= 2.4.14 - Authenticated (Author+) Stored Cross-Site Scripting via Image Attachment Fields — Gallery by FooGalleryCWE-79 6.4 Medium2024-04-06
CVE-2024-0604 Best WordPress Gallery Plugin – FooGallery <= 2.4.7 -Authenticated(Administrator+) Stored Cross-Site Scripting via settings — Gallery by FooGalleryCWE-79 4.4 Medium2024-02-20
CVE-2023-44233 WordPress FooGallery Plugin <= 2.2.44 is vulnerable to Cross Site Request Forgery (CSRF) — Best WordPress Gallery Plugin – FooGalleryCWE-352 5.4 Medium2023-10-06
CVE-2023-44244 WordPress FooGallery Plugin <= 2.2.44 is vulnerable to Cross Site Scripting (XSS) — FooGalleryCWE-79 7.1 High2023-10-02
CVE-2023-29439 WordPress FooGallery Plugin <= 2.2.35 is vulnerable to Cross Site Scripting (XSS) — FooGalleryCWE-79 7.1 High2023-05-16
CVE-2021-24357 FooGallery < 2.0.35 - Authenticated Stored Cross-Site Scripting — Best Image Gallery & Responsive Photo Gallery – FooGalleryCWE-79 5.4 -2021-06-14

This page lists every published CVE security advisory associated with fooplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.