Ays-pro Photo_gallery
6 CVEs affecting Ays-pro Photo_gallery. Latest disclosed: 2024-07-09. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-10921 | Critical | 9.8 | 2019-08-22 | The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection. |
CVE-2021-24462 | High | 8.8 | 2021-08-02 | The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whi… |
CVE-2023-32107 | High | 7.1 | 2023-08-18 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions. |
CVE-2023-2568 | Medium | 6.1 | 2023-06-12 | The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site… |
CVE-2023-39917 | Medium | 4.3 | 2023-10-03 | Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions. |
CVE-2024-37442 | Low | 3.8 | 2024-07-09 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays all… |