Product:

Photo_gallery

(Ays\-Pro)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 6
Date Id Summary Products Score Patch Annotated
2024-07-09 CVE-2024-37442 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.1. Photo_gallery 5.5
2021-08-02 CVE-2021-24462 The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard Photo_gallery 8.8
2023-06-12 CVE-2023-2568 The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin Photo_gallery 6.1
2023-10-03 CVE-2023-39917 Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions. Photo_gallery 8.8
2023-08-18 CVE-2023-32107 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions. Photo_gallery 6.1
2019-08-22 CVE-2016-10921 The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection. Photo_gallery 9.8