VYPR

Multi Gallery

by WordPress

Source repositories

CVEs (1)

  • CVE-2024-11501HigDec 7, 2024
    risk 0.57cvss 8.8epss 0.01

    The Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3 via deserialization of untrusted input from wd_gallery_$id parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to…