10web Photo Gallery By 10web – Mobile-friendly Image Gallery
10 CVEs affecting 10web Photo Gallery By 10web – Mobile-friendly Image Gallery. Latest disclosed: 2026-05-28. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0221 | Critical | 9.1 | 2024-02-05 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8… |
CVE-2024-5481 | Medium | 6.8 | 2024-06-07 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 vi… |
CVE-2026-7048 | Medium | 6.5 | 2026-05-28 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order_by' parameter in… |
CVE-2024-5426 | Medium | 6.4 | 2024-06-07 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all ver… |
CVE-2025-2269 | Medium | 6.1 | 2025-04-11 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘image_id’ parameter in… |
CVE-2024-2296 | Medium | 5.5 | 2024-04-06 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versio… |
CVE-2026-1036 | Medium | 5.3 | 2026-01-21 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability… |
CVE-2024-9878 | Medium | 4.4 | 2024-11-05 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions… |
CVE-2023-6924 | Medium | 4.4 | 2024-01-11 | The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insuff… |
CVE-2021-24310 | | 2021-06-01 | The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege… |