Vulnerabilities > Contest Gallery > Contest Gallery > 11.1.0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-26 | CVE-2022-4166 | Unspecified vulnerability in Contest-Gallery Contest Gallery The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the addCountS POST parameter before concatenating it to an SQL query in 4_activate.php. | 6.5 |
| 2022-12-06 | CVE-2022-45848 | Cross-site Scripting vulnerability in Contest-Gallery Contest Gallery Unauth. | 6.1 |
| 2022-08-23 | CVE-2022-36394 | Unspecified vulnerability in Contest-Gallery Contest Gallery Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress. | 8.8 |
| 2022-04-18 | CVE-2022-27853 | Unspecified vulnerability in Contest-Gallery Contest Gallery Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) in Contest Gallery (WordPress plugin) <= 13.1.0.9 | 4.8 |