VYPR

Contest Gallery

by WordPress

Source repositories

CVEs (45)

  • CVE-2022-4161Dec 26, 2022
    risk 0.00cvss epss 0.01

    The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_copy_start POST parameter before concatenating it to an SQL query in copy-gallery-images.php. This may allow malicious users with at least author…

  • CVE-2022-45848Dec 6, 2022
    risk 0.00cvss epss 0.00

    Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress.

  • CVE-2022-36394Aug 23, 2022
    risk 0.00cvss epss 0.01

    Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress.

  • CVE-2022-27853Apr 18, 2022
    risk 0.00cvss epss 0.01

    Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) in Contest Gallery (WordPress plugin) <= 13.1.0.9

  • CVE-2019-5974Jul 5, 2019
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

Page 3 of 3