10Web Photo Gallery vulnerabilities
49 known vulnerabilities affecting 10web/photo_gallery.
Total CVEs: 49
CISA KEV: 0
Public exploits: 7
Exploited in wild: 3
Severity breakdown: CRITICAL 5, HIGH 6, MEDIUM 37, LOW 1
Vulnerabilities
Page 1 of 3
CVE-2022-0169 | CRITICAL (CVSS 9.8) | P1 | CWE-89 | exploited in the wild | public PoC | fixed in 1.6.0 | 2022-03-14
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection.
Source: NVD
CVE-2021-24139 | CRITICAL (CVSS 9.8) | P2 | CWE-89 | exploited in the wild | public PoC | fixed in 1.5.55 | 2021-03-18
Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the frontend/models/model.php bwg_search_x parameter.
Source: NVD
CVE-2022-1281 | CRITICAL (CVSS 9.8) | P1 | CWE-89 | exploited in the wild | affects ≤ 1.6.3 | 2022-05-02
The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible.
Source: NVD
CVE-2014-9312 | HIGH (CVSS 8.8) | P2 | CWE-434 | public PoC | affects v1.2.5 | 2017-08-28
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
Source: NVD
CVE-2019-16119 | CRITICAL (CVSS 9.8) | P2 | CWE-89 | public PoC | fixed in 1.5.35 | 2019-09-08
SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter.
Source: NVD
CVE-2021-24291 | MEDIUM (CVSS 6.1) | P3 | CWE-79 | public PoC | fixed in 1.5.69 | 2021-05-14
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET parameters passed to the bwg_frontend_data AJAX action (available to both unauthenticated and authenticated users).
Source: NVD
CVE-2019-14313 | CRITICAL (CVSS 9.8) | P2 | CWE-89 | fixed in 1.5.31 | 2019-07-30
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.
Source: NVD
CVE-2019-16118 | MEDIUM (CVSS 6.1) | P3 | CWE-79 | public PoC | fixed in 1.5.35 | 2019-09-08
Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php.
Source: NVD
CVE-2019-16117 | MEDIUM (CVSS 6.1) | P3 | CWE-79 | public PoC | fixed in 1.5.35 | 2019-09-08
Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/models/Galleries.php.
Source: NVD
CVE-2024-5481 | HIGH (CVSS 8.8) | P3 | CWE-35 | fixed in 1.8.24 | 2024-06-07
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut
Source: NVD
CVE-2024-0221 | HIGH (CVSS 7.2) | P3 | CWE-22 | fixed in 1.8.20 | 2024-02-05
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can
Source: NVD
CVE-2015-1055 | HIGH (CVSS 7.5) | P3 | CWE-89 | affects v1.2.7 | 2015-01-16
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php.
Source: NVD
CVE-2017-12977 | HIGH (CVSS 7.2) | P3 | CWE-89 | affects ≤ 1.3.50 | 2017-08-21
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
Source: NVD
CVE-2015-1393 | MEDIUM (CVSS 6.5) | P3 | CWE-89 | affects ≤ 1.2.9 | 2015-02-02
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
Source: NVD
CVE-2015-9380 | HIGH (CVSS 8.8) | P4 | CWE-352 | fixed in 1.2.42 | 2019-08-30
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
Source: NVD
CVE-2019-14798 | MEDIUM (CVSS 4.9) | P4 | CWE-22 | fixed in 1.5.25 | 2019-08-09
The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter.
Source: NVD
CVE-2024-29832 | MEDIUM (CVSS 6.1) | P4 | CWE-79 | fixed in 1.8.22 | 2024-03-26
The current_url parameter of the AJAX call to the GalleryBox action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the current_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. No authentication is required to exploit this issue.
Source: NVD
CVE-2024-29833 | MEDIUM (CVSS 5.4) | P4 | CWE-79 | fixed in 1.8.22 | 2024-03-26
The image upload component allows SVG files and the regular expression used to remove script tags can be bypassed by using a Cross Site Scripting payload which does not match the regular expression; one example of this is the inclusion of whitespace within the script tag. An attacker must target an authenticated user with permissions to access this f
Source: NVD
CVE-2025-0613 | MEDIUM (CVSS 6.1) | P4 | CWE-79 | fixed in 1.8.34 | 2025-03-31
The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitise and escape comments added on images by unauthenticated users, leading to an unauthenticated stored XSS attack when the comments are displayed.
Source: NVD
CVE-2021-24363 | MEDIUM (CVSS 4.9) | P4 | CWE-22 | fixed in 1.5.75 | 2021-08-16
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector.
Source: NVD