Gallery Images Ape
by WordPress
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-25149 | Hig | 0.49 | 7.6 | 0.01 | Jun 7, 2023 | The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in versions up to, and including, 2.0.6. This allows authenticated attackers with any capability level to deactivate any plugin on the site, including plugins necessary to site… | ||
| CVE-2025-22317 | Hig | 0.46 | 7.1 | 0.00 | Jan 15, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gallery Ape Photo Gallery – Image Gallery by Ape gallery-images-ape allows Reflected XSS.This issue affects Photo Gallery – Image Gallery by Ape: from n/a through <= 2.2.8. | ||
| CVE-2022-41785 | Med | 0.35 | 5.4 | 0.00 | Mar 21, 2023 | Auth. (contributor+) Stored Cross-Site Scripting vulnerability in Galleryape Gallery Images Ape plugin <= 2.2.8 versions. | ||
| CVE-2022-41995 | Med | 0.28 | 4.3 | 0.00 | Jan 2, 2025 | Missing Authorization vulnerability in Galleryape Gallery Images Ape allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gallery Images Ape: from n/a through 2.2.8. |
- risk 0.49cvss 7.6epss 0.01
The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in versions up to, and including, 2.0.6. This allows authenticated attackers with any capability level to deactivate any plugin on the site, including plugins necessary to site…
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gallery Ape Photo Gallery – Image Gallery by Ape gallery-images-ape allows Reflected XSS.This issue affects Photo Gallery – Image Gallery by Ape: from n/a through <= 2.2.8.
- risk 0.35cvss 5.4epss 0.00
Auth. (contributor+) Stored Cross-Site Scripting vulnerability in Galleryape Gallery Images Ape plugin <= 2.2.8 versions.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Galleryape Gallery Images Ape allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gallery Images Ape: from n/a through 2.2.8.