Vulnerabilities (CVE)

Filtered by vendor 10web Subscribe

Filtered by product Photo Gallery

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-9380	1 10web	1 Photo Gallery	2019-09-03	6.8 MEDIUM	8.8 HIGH
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
CVE-2017-12977	1 10web	1 Photo Gallery	2019-07-08	6.5 MEDIUM	7.2 HIGH
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
CVE-2014-9312	1 10web	1 Photo Gallery	2019-07-08	6.5 MEDIUM	8.8 HIGH
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.