Skip to main content

Wp Easy Gallery

3 CVEs product

Monthly

CVE-2024-9018 HIGH This Week

The WP Easy Gallery - WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Wp Easy Gallery
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-8437 MEDIUM This Month

The WP Easy Gallery - WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions hooked via AJAX like wpeg_settings and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wp Easy Gallery
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-8436 CRITICAL Act Now

The WP Easy Gallery - WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'edit_imageId' and 'edit_imageDelete' parameters in all versions up to, and including, 4.8.5. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Wp Easy Gallery
NVD
CVSS 3.1
9.9
EPSS
0.5%
EPSS 0% CVSS 8.8
HIGH This Week

The WP Easy Gallery - WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Wp Easy Gallery
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The WP Easy Gallery - WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions hooked via AJAX like wpeg_settings and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wp Easy Gallery
NVD
EPSS 0% CVSS 9.9
CRITICAL Act Now

The WP Easy Gallery - WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'edit_imageId' and 'edit_imageDelete' parameters in all versions up to, and including, 4.8.5. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Wp Easy Gallery
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy