Vulnerabilities > Wpdevart > Gallery

DATE CVE VULNERABILITY TITLE RISK
2025-01-02 CVE-2023-45631 Missing Authorization vulnerability in Wpdevart Gallery
Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
network
low complexity
wpdevart CWE-862
5.4
2024-07-06 CVE-2024-37542 Unspecified vulnerability in Wpdevart Gallery
Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
network
low complexity
wpdevart
6.3
2024-06-08 CVE-2024-35750 Unspecified vulnerability in Wpdevart Gallery
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
network
low complexity
wpdevart
8.8
2024-03-31 CVE-2024-30550 Unspecified vulnerability in Wpdevart Gallery
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Reflected XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
network
low complexity
wpdevart
6.1
2024-03-31 CVE-2024-31120 Unspecified vulnerability in Wpdevart Gallery
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Stored XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
network
low complexity
wpdevart
5.4
2023-10-18 CVE-2023-45630 Unspecified vulnerability in Wpdevart Gallery
Unauth.
network
low complexity
wpdevart
6.1
2022-07-04 CVE-2022-1946 Unspecified vulnerability in Wpdevart Gallery
The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue
network
low complexity
wpdevart
6.1