The Meow Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/save_shortcode in all versi
The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `ajax_callback_create_bunny_stream_video`, `ajax_callback_
The Meta-box GalleryMeta plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mb_gallery' custom post type in all versions up to, and inclu
The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_callback_store_user_meta() function in versions 4.1.0
The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'Meow_MWAI_Labs_MCP::can_access_mcp' function in version
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ays_save_google_credentials' function
The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisper_picture_upload_guest shortcode in all vers
The Contest Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 28.0.2. This is due to the plugin registering the `cg_check_wp_admin_upload_v10` AJ
The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on multiple AJAX actions in all versions up
The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to unauthorized data modification. This vulnerability can lead to privilege escalation and denial of serv
The Gallery by FooGallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax_get_gallery_info() function in all versions up to, and includi
The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versio
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in
The Photographers galleries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcode attributes (`w`, `h`, `raw_css`, `look`, etc.) in all versions up to, and including
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘image_id’ parameter in all versions up to, and including, 1.8.3
The Search, Filters & Merchandising for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcis_save_email' endpoint in all v
The Folder Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'foldergallery' shortcode in all versions up to, and including, 1.7.4 due to insufficient input sa
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'edit_imageId' and 'edit_imageDelete' parameters in all versions up to, and including, 4.8.5
The Meks Video Importer plugin for WordPress is vulnerable to unauthorized API key modification due to a missing capability check on the ajax_save_settings function in all versions up to, and includin
The Easy Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery shortcode post meta field in all versions up to, and including, 1.5.3. This is due to insuffici
Page 1+ Next →