Vendor

WP Chill

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2026-23976	WordPress Modula Best Grid Gallery	Med	0.38	5.9	0.00	Jan 22, 2026	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modula Image Gallery: from n/a through <= 2.13.4.
CVE-2026-27424	WordPress Final Tiles Grid Gallery Lite	Med	0.28	4.3	—	May 20, 2026	Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Photo Gallery Final Tiles Grid: from n/a through 3.6.11.
CVE-2026-25375	WP Chill Image Photo Gallery Final Tiles Grid	Med	0.28	4.3	0.00	Feb 19, 2026	Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.10.
CVE-2026-39510	WordPress Final Tiles Grid Gallery Lite	Low	0.18	2.7	0.00	Apr 8, 2026	Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.11.

CVE-2026-23976MedJan 22, 2026
WordPress
Modula Best Grid Gallery
risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modula Image Gallery: from n/a through <= 2.13.4.
CVE-2026-27424MedMay 20, 2026
WordPress
Final Tiles Grid Gallery Lite
risk 0.28cvss 4.3epss —
Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Photo Gallery Final Tiles Grid: from n/a through 3.6.11.
CVE-2026-25375MedFeb 19, 2026
WP Chill
Image Photo Gallery Final Tiles Grid
risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.10.
CVE-2026-39510LowApr 8, 2026
WordPress
Final Tiles Grid Gallery Lite
risk 0.18cvss 2.7epss 0.00
Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.11.