Gallery
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-26778 | Med | 0.38 | 5.9 | 0.00 | Feb 17, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through <= 2.2.1. | ||
| CVE-2022-1946 | 0.00 | — | 0.01 | Jul 4, 2022 | The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue |
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through <= 2.2.1.
- CVE-2022-1946Jul 4, 2022risk 0.00cvss —epss 0.01
The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue