Vulnerabilities > Unitegallery > Unite Gallery Lite > 1.3.7

DATE CVE VULNERABILITY TITLE RISK
2023-08-30 CVE-2023-34183 Cross-site Scripting vulnerability in Unitegallery Unite Gallery Lite
Auth.
network
low complexity
unitegallery CWE-79
4.8
4.8
2019-09-26 CVE-2015-9447 Cross-Site Request Forgery (CSRF) vulnerability in Unitegallery Unite Gallery Lite
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin.php galleryid or id parameters. 		4.3
4.3
2019-09-26 CVE-2015-9446 SQL Injection vulnerability in Unitegallery Unite Gallery Lite
The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php.
network
low complexity
unitegallery CWE-89
6.5
6.5
2019-09-26 CVE-2015-9445 Cross-Site Request Forgery (CSRF) vulnerability in Unitegallery Unite Gallery Lite
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation. 		6.8
6.8