Wpchill Modula Image Gallery – Photo Grid & Video Gallery
6 CVEs affecting Wpchill Modula Image Gallery – Photo Grid & Video Gallery. Latest disclosed: 2026-02-14. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-12853 | High | 8.8 | 2025-01-08 | The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in al… |
CVE-2025-13891 | Medium | 6.5 | 2025-12-12 | The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.13.3. This is due t… |
CVE-2024-9416 | Medium | 6.4 | 2025-04-03 | The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions <= 5… |
CVE-2026-1254 | Medium | 4.3 | 2026-02-14 | The Modula Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.13.6… |
CVE-2025-14003 | Medium | 4.3 | 2025-12-15 | The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the… |
CVE-2025-12494 | Medium | 4.3 | 2025-11-15 | The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the aj… |