Smub Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More
6 CVEs affecting Smub Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More. Latest disclosed: 2026-05-14. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-5361 | Medium | 6.4 | 2026-05-14 | The Envira Gallery Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in versions up to and including 1.12.4. This is due… |
CVE-2026-1236 | Medium | 6.4 | 2026-03-04 | The Envira Gallery for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'justified_gallery_theme' parameter in all versions… |
CVE-2024-5020 | Medium | 6.4 | 2024-12-04 | Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in… |
CVE-2025-12377 | Medium | 4.3 | 2025-11-13 | The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability che… |
CVE-2025-11448 | Medium | 4.3 | 2025-11-08 | The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability che… |
CVE-2023-6742 | Medium | 4.3 | 2024-01-11 | The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability c… |