Contest Gallery
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-4161 | 0.00 | — | 0.01 | Dec 26, 2022 | The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_copy_start POST parameter before concatenating it to an SQL query in copy-gallery-images.php. This may allow malicious users with at least author… | |||
| CVE-2022-45848 | 0.00 | — | 0.00 | Dec 6, 2022 | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress. | |||
| CVE-2019-5974 | 0.00 | — | 0.01 | Jul 5, 2019 | Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors. |
- CVE-2022-4161Dec 26, 2022risk 0.00cvss —epss 0.01
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_copy_start POST parameter before concatenating it to an SQL query in copy-gallery-images.php. This may allow malicious users with at least author…
- CVE-2022-45848Dec 6, 2022risk 0.00cvss —epss 0.00
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress.
- CVE-2019-5974Jul 5, 2019risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Page 3 of 3