Unknown Wordpress Gallery Plugin vulnerabilities
3 known vulnerabilities affecting unknown/wordpress_gallery_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-3154HIGHCVSS 7.5fixed in 3.392023-10-16
CVE-2023-3154 [HIGH] CWE-502 CVE-2023-3154: The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization due
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization due to a lack of input parameter validation in the `gallery_edit` function, allowing an attacker to access arbitrary resources on the server.
cvelistv5nvd
CVE-2023-3155HIGHCVSS 7.2fixed in 3.392023-10-16
CVE-2023-3155 [HIGH] CWE-552 CVE-2023-3155: The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and D
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the `gallery_edit` function, allowing an attacker to access arbitrary resources on the server.
cvelistv5nvd
CVE-2023-3279MEDIUMCVSS 4.9fixed in 3.392023-10-16
CVE-2023-3279 [MEDIUM] CWE-22 CVE-2023-3279: The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes be
The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks
cvelistv5nvd