VYPR

WP Easy Gallery

by WordPress

CVEs (2)

  • CVE-2024-8436CriSep 25, 2024
    risk 0.64cvss 9.9epss 0.00

    The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'edit_imageId' and 'edit_imageDelete' parameters in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of…

  • CVE-2024-8437MedSep 25, 2024
    risk 0.28cvss 4.3epss 0.00

    The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions hooked via AJAX like wpeg_settings and wpeg_add_gallery in all versions up to, and including, 4.8.5. This makes it…