Wpchill Modula Image Gallery – Photo Grid & Video Gallery

6 CVEs affecting Wpchill Modula Image Gallery – Photo Grid & Video Gallery. Latest disclosed: 2026-02-14. Critical: 0, High: 1.

Top CVEs affecting Wpchill Modula Image Gallery – Photo Grid & Video Gallery
CVESeverityScorePublishedSummary
CVE-2024-12853High8.82025-01-08The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in al…
CVE-2025-13891Medium6.52025-12-12The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.13.3. This is due t…
CVE-2024-9416Medium6.42025-04-03The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions <= 5…
CVE-2026-1254Medium4.32026-02-14The Modula Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.13.6…
CVE-2025-14003Medium4.32025-12-15The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the…
CVE-2025-12494Medium4.32025-11-15The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the aj…