VYPR

Cool Video Gallery

by WordPress

CVEs (3)

  • CVE-2024-10247HigDec 6, 2024
    risk 0.40cvss 7.2epss 0.01

    The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient…

  • CVE-2024-9769MedDec 6, 2024
    risk 0.29cvss 4.4epss 0.00

    The Video Gallery – Best WordPress YouTube Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2015-7527Dec 17, 2015
    risk 0.00cvss epss 0.05

    lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows remote attackers to execute arbitrary code via shell metacharacters in the "Width of preview image" and possibly other input fields in the "Video Gallery Settings" page.