Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

17 records: 0 Critical, 4 High, 13 Medium
CVE-2026-2479 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 5.0 | 2026-02-25 | Threat entry updated 2026-04-15

The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.1. This is due to the use of `strpos()` for substring-based hostname validation instead of strict host comparison in the `ajax_upload_image()` function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services.

CVE-2025-15386 - Gallery Plugin
Plugin: Gallery | HIGH | CVSS 8.8 | 2026-02-24 | Threat entry updated 2026-02-24

The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when the lightbox for comments is enabled and the comment is then approved.

CVE-2025-12359 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 5.4 | 2025-11-19 | Threat entry updated 2025-11-19

The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.3 via the 'get_image_size_by_url' function. This is due to insufficient validation of user-supplied URLs when determining image dimensions for gallery items. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.

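The two SSRF entries above, CVE-2026-2479 (a substring hostname check built on `strpos()`) and CVE-2025-12359 (insufficient validation of a user-supplied image URL), are the same lesson: validate a URL by parsing it, not by searching it. The following is an added example and not the plugin's code. The function names, the site host `example.com` and the DNS table are constructed for the demonstration; the `filter_var()` flags are PHP's own. It shows both policies a gallery plugin needs: "same site only" for an upload helper, and "any public host" for a remote image-size lookup.

```php
<?php
declare(strict_types=1);

// Constructed DNS table so the example runs offline; unknown names are treated
// as IP literals. Production code resolves for real (dns_get_record for A/AAAA).
const FAKE_DNS = [
    'example.com'               => '93.184.216.34',
    'example.com.attacker.test' => '198.51.100.7',
    'attacker.test'             => '198.51.100.7',
    'internal.corp.test'        => '10.0.0.5',
];

function fake_resolve(string $host): string
{
    return FAKE_DNS[strtolower($host)] ?? $host;
}

// The vulnerable pattern: "does the URL contain our hostname?" Any URL that
// merely mentions the site host passes.
function host_check_substring(string $url, string $site_host): bool
{
    return strpos($url, $site_host) !== false;
}

// Policy 1, same site only: parse, require http(s), refuse userinfo, compare
// the host exactly.
function url_is_same_site(string $url, string $site_host): bool
{
    $p = parse_url($url);
    if ($p === false || !isset($p['scheme'], $p['host'])) {
        return false;
    }
    if (!in_array(strtolower($p['scheme']), ['http', 'https'], true)) {
        return false;
    }
    if (isset($p['user']) || isset($p['pass'])) {
        return false; // http://example.com@attacker.test/
    }
    return strcasecmp($p['host'], $site_host) === 0;
}

// Policy 2, any public host (what an image-dimension lookup needs): parse,
// require http(s), then resolve and refuse private, loopback and link-local
// targets. $resolve is injectable so the example runs offline.
function url_is_public_target(string $url, callable $resolve): bool
{
    $p = parse_url($url);
    if ($p === false || !isset($p['scheme'], $p['host'])) {
        return false;
    }
    if (!in_array(strtolower($p['scheme']), ['http', 'https'], true)) {
        return false;
    }
    if (isset($p['user']) || isset($p['pass'])) {
        return false;
    }
    $host = trim($p['host'], '[]'); // parse_url keeps brackets on IPv6 literals
    $ip   = $resolve($host);
    // NO_PRIV_RANGE rejects 10/8, 172.16/12, 192.168/16 (and fc00::/7);
    // NO_RES_RANGE rejects 0/8, 127/8, 169.254/16, 240/4 (and ::1, fe80::/10).
    return filter_var($ip, FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
}

$site  = 'example.com';
$cases = [
    'https://example.com/wp-content/uploads/a.jpg', // legitimate
    'http://example.com.attacker.test/',           // site host as a prefix
    'http://attacker.test/?ref=example.com',        // site host in the query
    'http://example.com@attacker.test/',            // site host as userinfo
    'http://169.254.169.254/latest/meta-data/',     // cloud metadata service
    'http://internal.corp.test/admin',              // resolves to 10.0.0.5
    'file:///etc/passwd',                           // not http(s) at all
];
printf("%-46s %-8s %-9s %s\n", 'url', 'substr', 'samesite', 'public');
foreach ($cases as $u) {
    printf("%-46s %-8s %-9s %s\n", $u,
        host_check_substring($u, $site) ? 'pass' : 'reject',
        url_is_same_site($u, $site) ? 'pass' : 'reject',
        url_is_public_target($u, 'fake_resolve') ? 'pass' : 'reject');
}
```

The substring check passes the first four rows because each contains the string `example.com`; the same-site policy passes only the first; the public-target policy passes rows two and three as well, which is correct for an image-size lookup that may legitimately fetch from any public host, while refusing the metadata address, the internal name and the `file:` URL. Two caveats the check alone does not cover: the HTTP client must connect to the address that was validated (cURL's `CURLOPT_RESOLVE`, or in WordPress `wp_safe_remote_get()`, which applies the same private-range rule through `wp_http_validate_url()`), otherwise a DNS rebind between check and connect defeats it; and redirects must be re-validated hop by hop rather than followed automatically.
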
CVE-2025-12377 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 4.3 | 2025-11-13 | Threat entry updated 2025-12-15

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.12.0. This makes it possible for authenticated attackers, with Author-level access and above, to perform multiple actions, such as removing images from arbitrary galleries. The vulnerability was partially patched in version 1.12.0.

CVE-2025-11448 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 4.3 | 2025-11-08 | Threat entry updated 2025-11-12

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for authenticated attackers, with contributor-level access and above, to convert galleries to Envira galleries.

CVE-2025-9710 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 6.3 | 2025-10-06 | Threat entry updated 2025-10-06

The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 does not properly handle HTML tag attribute modifications, potentially allowing unauthenticated attackers to abuse the functionality to include event handlers and conduct Stored XSS attacks.

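CVE-2025-9710 is the attribute-rewriting class of stored XSS: the plugin edits tags in user-supplied HTML, and an attacker smuggles an `onerror` or `onmouseover` through. The durable fix is the one `wp_kses()` implements, a per-tag attribute allowlist applied to the parsed tree rather than to the raw string. The following is an added example, not the plugin's code; the allowlist, function names and sample input are constructed, and the parsing is done with PHP's `DOMDocument` so that the output is re-serialized from the tree and no attribute can be "broken out of".

```php
<?php
declare(strict_types=1);

// Per-tag attribute allowlist (constructed for this example; wp_kses() takes
// the same shape). Everything not listed, including every on* handler, is dropped.
const ALLOWED_TAGS = [
    'a'      => ['href', 'title', 'rel'],
    'img'    => ['src', 'alt', 'width', 'height'],
    'p'      => [],
    'em'     => [],
    'strong' => [],
];

// Only http(s) or relative URLs may sit in href/src; this blocks javascript:
// and data: URLs, including ones padded with control characters.
function url_attribute_is_safe(string $value): bool
{
    $clean  = preg_replace('/[\x00-\x20]+/', '', $value) ?? '';
    $scheme = parse_url($clean, PHP_URL_SCHEME);
    if ($scheme === null || $scheme === false) {
        return true; // relative URL
    }
    return in_array(strtolower($scheme), ['http', 'https'], true);
}

function sanitize_html_fragment(string $html): string
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);
    // The encoding PI keeps UTF-8 intact; the wrapper <div> gives one root
    // without libxml adding <html><body> around the fragment.
    $doc->loadHTML('<?xml encoding="UTF-8"><div>' . $html . '</div>',
        LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD);
    libxml_clear_errors();
    $root = $doc->getElementsByTagName('div')->item(0);

    // Snapshot first: the node list is live and the loop mutates the tree.
    $elements = iterator_to_array($root->getElementsByTagName('*'));
    foreach ($elements as $el) {
        $tag = strtolower($el->tagName);
        if (!isset(ALLOWED_TAGS[$tag])) {
            // Unknown tag (script, iframe, ...): keep its text, lose the element.
            $el->parentNode->replaceChild($doc->createTextNode($el->textContent), $el);
            continue;
        }
        $drop = [];
        foreach ($el->attributes as $attr) {
            $name = strtolower($attr->name);
            if (!in_array($name, ALLOWED_TAGS[$tag], true)) {
                $drop[] = $attr->name;                     // includes on* handlers
            } elseif (($name === 'href' || $name === 'src')
                      && !url_attribute_is_safe($attr->value)) {
                $drop[] = $attr->name;                     // javascript:, data:
            }
        }
        foreach ($drop as $name) {
            $el->removeAttribute($name);
        }
    }

    // Re-serialize from the tree: attribute values come out quoted and escaped
    // by libxml, so nothing the attacker wrote can terminate an attribute.
    $out = '';
    foreach ($root->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

// Constructed input: a comment-style link with an injected event handler, an
// image whose onerror fires without user interaction, a javascript: href and
// an inline script.
$input = '<a href="https://example.com/x.jpg" title="nice" onmouseover="alert(1)">pic</a>'
       . '<img src="x" onerror="alert(2)">'
       . '<a href="javascript:alert(3)">click</a><script>alert(4)</script>';
echo sanitize_html_fragment($input), "\n";
```

On that input the link keeps `href` and `title` and loses `onmouseover`, the image loses `onerror`, the `javascript:` link loses its `href`, and the script element survives only as its text. The point of going through the DOM is the last step: because the output is serialized from parsed nodes, the attacker cannot use a stray quote to turn a permitted attribute into a new one, which is exactly the failure a regex-based tag editor invites. On a WordPress site, prefer `wp_kses_post()` or `wp_kses()` with an explicit allowlist over a home-grown walker like this one; the walker is here to show what those functions do.
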
CVE-2025-5093 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 5.4 | 2025-06-27 | Threat entry updated 2025-07-01

The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 uses the Swipebox library, which does not validate and escape title attributes before outputting them back in the page/post where they are used; this could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE-2025-3742 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 6.8 | 2025-05-15 | Threat entry updated 2025-06-04

The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE-2024-13906 - Gallery Plugin
Plugin: Gallery | HIGH | CVSS 7.2 | 2025-03-07 | Threat entry updated 2025-03-07

The Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.7.3 via deserialization of untrusted input in the 'import_gallery_from_csv' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain…

CVE-2024-11501 - Gallery Plugin
Plugin: Gallery | HIGH | CVSS 8.8 | 2024-12-07 | Threat entry updated 2024-12-07

The Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3 via deserialization of untrusted input from wd_gallery_$id parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

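Both PHP Object Injection entries (CVE-2024-13906 via a CSV import, CVE-2024-11501 via a request parameter) carry the same qualifier: "no known POP chain is present", so impact depends on whatever other code is installed. The added example below makes that concrete and is not either plugin's code. The `TempCacheFile` gadget, the function names and the payload are constructed; the gadget stands in for a class that some other plugin or theme would contribute, and `unserialize()` with `allowed_classes` is the real PHP API.

```php
<?php
declare(strict_types=1);

// Constructed gadget. On a real site a class like this arrives with another
// plugin or theme; it is what turns "can inject an object" into "can delete a
// file", because PHP runs __destruct when the injected object is freed.
final class TempCacheFile
{
    public function __construct(public string $path) {}

    public function __destruct()
    {
        if (is_file($this->path)) {
            unlink($this->path);
        }
    }
}

// The vulnerable shape: attacker-controlled bytes (a request parameter, a
// cookie, a CSV cell) go straight into unserialize().
function load_gallery_state_vulnerable(string $raw): mixed
{
    return unserialize($raw);
}

// Gallery state is only ever nested arrays of scalars; anything else is a sign
// the payload was not produced by this code.
function only_scalars(array $a): bool
{
    foreach ($a as $v) {
        if (is_array($v)) {
            if (!only_scalars($v)) {
                return false;
            }
        } elseif (!is_scalar($v) && $v !== null) {
            return false;
        }
    }
    return true;
}

// Hardened: allowed_classes => false (PHP 7.0+) means no class is instantiated;
// objects come back as __PHP_Incomplete_Class and no magic method runs.
// max_depth (PHP 7.4+) bounds nesting; @ silences the notice on garbage input.
function load_gallery_state_hardened(string $raw): ?array
{
    $value = @unserialize($raw, ['allowed_classes' => false, 'max_depth' => 8]);
    return is_array($value) && only_scalars($value) ? $value : null;
}

function payload_for(string $path): string
{
    // Hand-built on purpose: serialize(new TempCacheFile($path)) would run the
    // destructor inside this process as soon as that object was freed.
    return sprintf('O:13:"TempCacheFile":1:{s:4:"path";s:%d:"%s";}', strlen($path), $path);
}

$victim = tempnam(sys_get_temp_dir(), 'gal');
$obj    = load_gallery_state_vulnerable(payload_for($victim));
printf("vulnerable: unserialize() built a %s\n", get_class($obj));
unset($obj); // refcount hits zero, __destruct runs, the file is gone
printf("victim after unset: %s\n", is_file($victim) ? 'still there' : 'deleted');

$victim = tempnam(sys_get_temp_dir(), 'gal');
$state  = load_gallery_state_hardened(payload_for($victim));
printf("hardened: payload %s\n", $state === null ? 'rejected' : 'accepted');
printf("victim: %s\n", is_file($victim) ? 'still there' : 'deleted');
unlink($victim);

// A payload this code would actually have written still loads.
$legit = load_gallery_state_hardened(serialize(['columns' => 3, 'ids' => [4, 8, 15]]));
printf("legitimate state: %s\n", $legit === null ? 'rejected' : 'accepted');
```

`allowed_classes => false` removes the gadget, not the parser: `unserialize()` has had its own memory-safety bugs, so data that crosses a trust boundary (cookies, request parameters, uploaded files) is better carried as JSON and read with `json_decode()`, or, if it must stay serialized, signed with `hash_hmac()` and the signature checked before the bytes are touched.
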
CVE-2024-3899 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 4.8 | 2024-09-11 | Threat entry updated 2024-09-25

The Gallery Plugin for WordPress WordPress plugin before 1.8.15 does not sanitise and escape some of its image settings, which could allow users with post-writing privilege such as Author to perform Cross-Site Scripting attacks.

CVE-2024-6870 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 6.4 | 2024-08-22 | Threat entry updated 2024-09-27

The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping affecting the rl_upload_image AJAX endpoint. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the 3gp2 file.

CVE-2023-6742 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 4.3 | 2024-01-11 | Threat entry updated 2024-11-21

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'envira_gallery_insert_images' function in all versions up to, and including, 1.8.7.1. This makes it possible for authenticated attackers, with contributor access and above, to modify galleries on other users' posts.

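The three Envira entries on this page (CVE-2025-12377, CVE-2025-11448 and CVE-2023-6742) are one bug class: a handler that confirms the caller is logged in, or holds some generic capability, but never asks whether this caller may touch this gallery. The added example below shows the weak and the object-bound check side by side for both a REST route and an admin-ajax action. It is not Envira's code: the route namespace, nonce action, post type, meta key and function names are constructed, and it assumes a WordPress runtime (`register_rest_route`, `current_user_can`, `check_ajax_referer` and `wp_send_json_*` are the real APIs).

```php
<?php
// Added example, not Envira's code. Everything named example_* is constructed.

add_action('rest_api_init', function () {
    register_rest_route('example-gallery/v1', '/gallery/(?P<id>\d+)/images', [
        'methods'  => WP_REST_Server::DELETABLE,
        'callback' => 'example_gallery_remove_image',

        // Weak shape: authenticates but never authorizes. Any logged-in role
        // reaches the handler and can strip images from any gallery.
        // 'permission_callback' => 'is_user_logged_in',

        // Hardened: decide per object. edit_post is a meta capability, so a
        // contributor passes for their own draft and fails for anyone else's
        // post; editing other users' galleries requires edit_others_posts.
        'permission_callback' => function (WP_REST_Request $request) {
            $post_id = (int) $request['id'];
            $post    = get_post($post_id);
            return $post instanceof WP_Post
                && $post->post_type === 'example_gallery'
                && current_user_can('edit_post', $post_id);
        },
        'args' => [
            'id' => [
                'required'          => true,
                'validate_callback' => static fn ($v) => is_numeric($v),
            ],
            'image_id' => [
                'required'          => true,
                'sanitize_callback' => 'absint',
            ],
        ],
    ]);
});

function example_gallery_remove_image(WP_REST_Request $request)
{
    $post_id  = (int) $request['id'];
    $image_id = (int) $request['image_id'];
    $images   = array_map('intval', (array) get_post_meta($post_id, '_example_gallery_images', true));
    $images   = array_values(array_diff($images, [$image_id]));
    update_post_meta($post_id, '_example_gallery_images', $images);
    return rest_ensure_response(['images' => $images]);
}

// The same rule for an admin-ajax handler. An "improper" check in this
// position is typically current_user_can('edit_posts'), which every
// contributor holds; the object-bound edit_post is what stops a contributor
// editing galleries on other users' posts.
add_action('wp_ajax_example_gallery_insert_images', function () {
    check_ajax_referer('example_gallery_insert', 'nonce'); // CSRF only, not authorization
    $post_id = isset($_POST['post_id']) ? absint($_POST['post_id']) : 0;
    if ($post_id === 0 || !current_user_can('edit_post', $post_id)) {
        wp_send_json_error(['message' => 'You cannot edit this gallery.'], 403);
    }
    $new_ids = array_map('absint', (array) ($_POST['images'] ?? []));
    $images  = array_map('intval', (array) get_post_meta($post_id, '_example_gallery_images', true));
    $images  = array_values(array_unique(array_merge($images, $new_ids)));
    update_post_meta($post_id, '_example_gallery_images', $images);
    wp_send_json_success(['count' => count($new_ids)]);
});
```

Two things to check when reviewing a plugin for this class: every `register_rest_route()` call has a `permission_callback` that takes the request and looks at the target object (a bare `'__return_true'` or `'is_user_logged_in'` is the bug), and every `wp_ajax_*` handler pairs its nonce check with a capability check, since the nonce proves the request came from a page the user was shown, not that the user is allowed to do what the request asks.
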
CVE-2023-0765 - Gallery Plugin
Plugin: Gallery | HIGH | CVSS 8.8 | 2023-04-17 | Threat entry updated 2025-03-05

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to a Blind SQL Injection vulnerability. The attacker must have at least the privileges of an Author, and the vendor's Slider plugin (https://wordpress.org/plugins/slider-bws/) must also be installed for this vulnerability to be exploitable.

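CVE-2023-0765 is a blind injection: nothing from the query is echoed, but a condition the attacker controls still changes the response (or its timing), which is enough to read the database one bit at a time. The added example below is not the plugin's code; the table, column and function names are constructed, and it assumes a WordPress runtime where `$wpdb->prepare()`, `$wpdb->esc_like()` and `$wpdb->get_results()` are the real APIs. It shows the interpolated query beside the parameterized one, including the case plugin code most often gets wrong, an `IN (...)` list of runtime length.

```php
<?php
// Added example, not the plugin's code. The example_gallery_images table and
// its columns are constructed; $wpdb is WordPress's database handle.

// Vulnerable shape: the gallery id and a search term go straight into the SQL.
// Even with no output, a payload such as  %' AND SLEEP(5)-- -  in $search turns
// the response time into a yes/no oracle.
function example_gallery_images_vulnerable(string $gallery_id, string $search): array
{
    global $wpdb;
    $table = $wpdb->prefix . 'example_gallery_images';
    return (array) $wpdb->get_results(
        "SELECT id, title FROM {$table} WHERE gallery_id = {$gallery_id} AND title LIKE '%{$search}%'"
    );
}

// Hardened: a placeholder for every value (%d for integers, %s for strings),
// esc_like() so the user's own % and _ are literal inside the LIKE pattern, and
// an explicit list of %d placeholders for an IN (...) whose length is only
// known at runtime. The table name cannot be a placeholder, but it comes from
// $wpdb->prefix, not from the request.
function example_gallery_images(int $gallery_id, string $search, array $only_ids = []): array
{
    global $wpdb;
    $table  = $wpdb->prefix . 'example_gallery_images';
    $sql    = "SELECT id, title FROM {$table} WHERE gallery_id = %d AND title LIKE %s";
    $params = [$gallery_id, '%' . $wpdb->esc_like($search) . '%'];

    if ($only_ids !== []) {
        $only_ids = array_map('intval', $only_ids);
        $sql     .= ' AND id IN (' . implode(',', array_fill(0, count($only_ids), '%d')) . ')';
        $params   = array_merge($params, $only_ids);
    }
    return (array) $wpdb->get_results($wpdb->prepare($sql, ...$params));
}
```

Note where the `%` wildcards live in the hardened version: in the parameter value, not in the query string. A literal percent sign inside the string handed to `prepare()` has to be written `%%`, and forgetting that is a common source of both broken queries and "fixes" that quietly revert to string concatenation.
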
CVE-2023-0764 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 5.4 | 2023-04-17 | Threat entry updated 2025-02-06

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scripting vulnerability. The attacker must have at least the privileges of the Author role.

CVE-2022-2190 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 6.1 | 2022-10-31 | Threat entry updated 2025-05-07

The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.

CVE-2022-1946 - Gallery Plugin
Plugin: Gallery | MEDIUM | CVSS 6.1 | 2022-07-04 | Threat entry updated 2024-11-21

The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue.

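Six entries on this page (CVE-2025-5093, CVE-2025-3742, CVE-2024-3899, CVE-2023-0764, CVE-2022-2190 and CVE-2022-1946) describe one mistake in two flavours: a stored gallery value or a reflected request value lands inside an HTML attribute without being escaped for that context. The added example below is plain PHP and not any of these plugins' code; the function names and the two payloads are constructed. `attr()` does what `esc_attr()` does in WordPress, and the `$_SERVER['REQUEST_URI']` case shows why CVE-2022-2190 is scoped to old browsers.

```php
<?php
declare(strict_types=1);

// Attribute-context escaping, the job esc_attr() does in WordPress. ENT_QUOTES
// matters: before PHP 8.1 the default flags leave the single quote alone, so
// a value placed inside title='...' would still break out.
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// The lightbox anchor as the stored-XSS entries describe it: a title taken
// from gallery settings is concatenated straight into an attribute.
function lightbox_link_vulnerable(string $href, string $title): string
{
    return '<a href="' . $href . '" title="' . $title . '" data-rel="lightbox">view</a>';
}

function lightbox_link(string $href, string $title): string
{
    return '<a href="' . attr($href) . '" title="' . attr($title) . '" data-rel="lightbox">view</a>';
}

// The reflected case: a form that posts back to the current URL. REQUEST_URI
// is the raw request target as the client sent it. Current browsers
// percent-encode a double quote in the path before sending, so the raw quote
// never reaches PHP from them; older browsers, curl and scripted clients send
// it as typed, which is why the advisory scopes the issue to old browsers.
function self_posting_form_vulnerable(string $request_uri): string
{
    return '<form method="post" action="' . $request_uri . '">';
}

function self_posting_form(string $request_uri): string
{
    return '<form method="post" action="' . attr($request_uri) . '">';
}

// Constructed inputs: a title that closes the attribute and opens a handler,
// and a request URI carrying the same kind of payload.
$title = 'Sunset" onmouseover="alert(document.cookie)';
$uri   = '/gallery/?page=2" autofocus onfocus="alert(1)';

echo lightbox_link_vulnerable('/img/1.jpg', $title), "\n";
echo lightbox_link('/img/1.jpg', $title), "\n";
echo self_posting_form_vulnerable($uri), "\n";
echo self_posting_form($uri), "\n";
```

In the escaped output the double quote becomes `&quot;`, so the browser sees one long `title` (or `action`) value and no new attribute. Escaping is per context: the same `attr()` is wrong inside a `<script>` block or a URL, and an `href` also needs a scheme check (`esc_url()` in WordPress) because a properly escaped `javascript:` URL is still a `javascript:` URL. For the AJAX case in CVE-2022-1946 the same rule applies to whatever the handler echoes; if the response is data rather than markup, send it as JSON with the right `Content-Type` instead of escaping it by hand.
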