Skip to main content

Contest Gallery EUVDEUVD-2026-36825

| CVE-2026-42660 MEDIUM
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497)
2026-06-15 Patchstack GHSA-vcff-hh69-qfjw
6.5
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Network-accessible WordPress endpoint requires only a subscriber account (PR:L); pure read-only data leak yields C:H with no integrity or availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 15, 2026 - 23:00 vuln.today

DescriptionCVE.org

Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions.

AnalysisAI

Sensitive data exposure in the Contest Gallery WordPress plugin (versions <= 28.1.7) allows authenticated subscribers to access confidential information they are not authorized to view. The vulnerability stems from insufficient access control over data retrieval endpoints within the plugin, permitting low-privileged WordPress users to read sensitive data with high confidentiality impact. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, but the low complexity and remote exploitability make it a credible risk for WordPress sites with open subscriber registration.

Technical ContextAI

Contest Gallery is a WordPress photo contest and gallery management plugin developed by Wasiliy Strecker, identified in CPE as cpe:2.3:a:wasiliy_strecker:contest_gallery:*:*:*:*:*:*:*:*. The root cause is classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere), meaning the plugin exposes data - likely contest entries, participant details, or internal plugin data - to user roles (subscribers) that should not have read access to it. WordPress subscriber accounts are the lowest authenticated user tier and are obtainable via open registration on most WordPress sites. The flaw likely exists in an AJAX handler, REST API endpoint, or admin-accessible function that fails to verify the requesting user's capability level before returning sensitive data.

RemediationAI

Update the Contest Gallery plugin to a version beyond 28.1.7 immediately; the Patchstack advisory (https://patchstack.com/database/wordpress/plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-7-sensitive-data-exposure-vulnerability) should be consulted for the confirmed fixed release version, as no specific patch version number was available in the input data. If an immediate update is not possible, disable open subscriber registration on the WordPress site (Settings > General > uncheck 'Anyone can register') to prevent unauthenticated users from obtaining the subscriber role needed to exploit this flaw - note this may impact legitimate site functionality if subscriber registration is part of the contest workflow. Additionally, review WordPress user accounts for unexpected subscriber-level registrations that may indicate prior reconnaissance or exploitation attempts. Monitor plugin update availability via the WordPress plugin repository or Patchstack alerts.

CVE-2021-24915 CRITICAL POC
9.8 Nov 29

The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not sanitise or escape the

CVE-2022-4158 HIGH POC
7.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4156 HIGH POC
7.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4166 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4165 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4164 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4163 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4162 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4161 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4160 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4159 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

CVE-2022-4153 MEDIUM POC
6.5 Dec 26

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape

Share

EUVD-2026-36825 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy