VYPR

Gmedia Photo Gallery

by WordPress

CVEs (2)

  • CVE-2025-53257HigJun 27, 2025
    risk 0.49cvss 7.5epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Serhii Pasyuk Gmedia Photo Gallery grand-media allows PHP Local File Inclusion.This issue affects Gmedia Photo Gallery: from n/a through <= 1.23.0.

  • CVE-2022-0873MedMay 16, 2022
    risk 0.31cvss 4.8epss 0.01

    The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album's name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the…