Contest-gallery Contest Gallery – Upload & Vote Photos, Media, Sell With Paypal & Stripe
12 CVEs affecting Contest-gallery Contest Gallery – Upload & Vote Photos, Media, Sell With Paypal & Stripe. Latest disclosed: 2026-05-19. Critical: 2, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-11103 | Critical | 9.8 | 2024-11-28 | The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due t… |
CVE-2024-10687 | Critical | 9.8 | 2024-11-05 | The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons plugin for WordPress is… |
CVE-2026-4021 | High | 8.1 | 2026-03-23 | The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1… |
CVE-2026-8912 | High | 7.5 | 2026-05-19 | The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to… |
CVE-2026-3180 | High | 7.5 | 2026-03-02 | The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordE… |
CVE-2025-7725 | High | 7.2 | 2025-08-01 | The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugi… |
CVE-2025-1513 | High | 7.2 | 2025-02-28 | The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons plugin for Wo… |
CVE-2025-10383 | Medium | 6.4 | 2025-10-04 | The Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple form field para… |
CVE-2025-6716 | Medium | 6.4 | 2025-07-11 | The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugi… |
CVE-2025-3862 | Medium | 6.4 | 2025-05-08 | Contest Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 26.0.6 due to in… |
CVE-2025-12849 | Medium | 5.3 | 2025-11-15 | The Contest Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 28.0.2. This is due to the plugin register… |
CVE-2025-11254 | Medium | 4.3 | 2025-10-11 | The Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 27.0… |