Gb-Plugins Gb Gallery Slideshow vulnerabilities
3 known vulnerabilities affecting gb-plugins/gb_gallery_slideshow.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-8375P3MEDIUMCVSS 6.5PoCv1.52014-10-21
CVE-2014-8375 [MEDIUM] CWE-89 CVE-2014-8375: SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress al
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php.
nvd
CVE-2025-32649P4HIGHCVSS 7.1≤ 1.32025-04-17
CVE-2025-32649 [HIGH] CWE-79 CVE-2025-32649: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gb-plugins GB Gallery Slideshow gb-gallery-slideshow allows Reflected XSS.This issue affects GB Gallery Slideshow: from n/a through <= 1.3.
nvd
CVE-2025-31732P4MEDIUMCVSS 4.3≤ 1.32025-04-01
CVE-2025-31732 [MEDIUM] CWE-862 CVE-2025-31732: Missing Authorization vulnerability in gb-plugins GB Gallery Slideshow gb-gallery-slideshow allows E
Missing Authorization vulnerability in gb-plugins GB Gallery Slideshow gb-gallery-slideshow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GB Gallery Slideshow: from n/a through <= 1.3.
nvd