VYPR

Easy Gallery

by WordPress

CVEs (3)

  • CVE-2024-9018HigOct 1, 2024
    risk 0.57cvss 8.8epss 0.00

    The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation…

  • CVE-2024-51570HigNov 9, 2024
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in odihost Easy Gallery simple-gallery-odihost allows SQL Injection.This issue affects Easy Gallery: from n/a through <= 1.4.

  • CVE-2025-23487HigMar 3, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in odihost Easy Gallery simple-gallery-odihost allows Reflected XSS.This issue affects Easy Gallery: from n/a through <= 1.4.