VYPR

Modula Image Gallery

by WP Chill

CVEs (2)

  • CVE-2024-12853HigJan 8, 2025
    risk 0.57cvss 8.8epss 0.01

    The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 2.11.10. This makes it possible for authenticated attackers, with Author-level access…

  • CVE-2026-23976MedJan 22, 2026
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modula Image Gallery: from n/a through <= 2.13.4.