Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-04-15
CVE-2026-1036 - Photo Gallery by 10Web – Mobile-Friendly Image Gallery Plugin
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to delete arbitrary image comments. Note: comments functionality is only available in the Pro version of the plugin.
PLUGIN
Photo Gallery by 10Web – Mobile-Friendly Image Gallery
CVE-2026-1036
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2021-24310 - Photo Gallery By 10web Mobile Friendly Image Gallery Plugin
The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery in the admin dashboard. This is due to an incomplete fix of CVE-2019-16117
PLUGIN
Photo Gallery By 10web Mobile Friendly Image Gallery
CVE-2021-24310
Risk Score