CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

Missing Authorization vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery. This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through 1.4.5. The Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the _ajax_image_gallery and _ig_save_settings functions in versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify plugin settings.
References: https://patchstack.com/database/vulnerability/new-image-gallery/wordpress-image-gallery-plugin-1-4-5-broken-access-control-vulnerability?_s_id=cve
CWE-862: Missing Authorization

CVSS: 4.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Image Gallery WordPress plugin before 1.1.6 does not sanitize and escape some of its Image fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. The Image Gallery - Grid Gallery WordPress plugin through 1.1.1 does not sanitize and escape some of its Image fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
References: https://wpscan.com/vulnerability/6b71eb38-0a4a-49d1-96bc-84bbe675be1e
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.
References: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress. The headers Client-Ip and X-Forwarded-For are prone to unauthenticated SQL injection. The affected file is gallery-images.php. The affected function is huge_it_image_gallery_ajax_callback().
References:
http://10degres.net/cve-2016-11018-image-gallery-sql-injection
https://plugins.trac.wordpress.org/browser/gallery-images/tags/1.8.9
https://plugins.trac.wordpress.org/browser/gallery-images/tags/1.9.0
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of these details are obtained from third party information.
References:
https://www.exploit-db.com/exploits/8514
http://osvdb.org/54115
http://secunia.com/advisories/25844
http://www.securityfocus.com/bid/34679
http://www.vupen.com/english/advisories/2009/1149
CWE-20: Improper Input Validation