Vulnerabilities > Plugins360 > ALL IN ONE Video Gallery > 2.6.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-24 | CVE-2024-6629 | Cross-site Scripting vulnerability in Plugins360 All-In-One Video Gallery The All-in-One Video Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video shortcode in all versions up to, and including, 3.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-06-09 | CVE-2024-31248 | Unspecified vulnerability in Plugins360 All-In-One Video Gallery Missing Authorization vulnerability in Team Plugins360 All-in-One Video Gallery.This issue affects All-in-One Video Gallery: from n/a through 3.5.2. | 8.8 |