Wpchill Modula_image_gallery

5 CVEs affecting Wpchill Modula_image_gallery. Latest disclosed: 2025-12-03. Critical: 0, High: 3.

Top CVEs affecting Wpchill Modula_image_gallery
CVESeverityScorePublishedSummary
CVE-2024-12853High8.82025-01-08The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in al…
CVE-2025-13646High7.52025-12-03The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_unzip_file' function in…
CVE-2025-13645High7.22025-12-03The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_unzip_file' functi…
CVE-2024-9416Medium6.42025-04-03The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions <= 5…
CVE-2020-9003Medium5.42020-02-20A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an a…