Vulnerabilities > 10Web > Photo Gallery > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-07 | CVE-2024-5481 | Path Traversal vulnerability in 10Web Photo Gallery The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. | 8.8 |
| 2024-02-05 | CVE-2024-0221 | Path Traversal vulnerability in 10Web Photo Gallery The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. | 7.2 |
| 2019-08-30 | CVE-2015-9380 | Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery The photo-gallery plugin before 1.2.42 for WordPress has CSRF. | 8.8 |
| 2017-08-28 | CVE-2014-9312 | Unrestricted Upload of File with Dangerous Type vulnerability in 10Web Photo Gallery 1.2.5 Unrestricted File Upload vulnerability in Photo Gallery 1.2.5. | 8.8 |
| 2017-08-21 | CVE-2017-12977 | SQL Injection vulnerability in 10Web Photo Gallery The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. | 7.2 |