WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WordPress Plugin Vulnerabilities
Contest Gallery – Files Upload and Contest Plugin for WordPress
2021-12-20
Contest Gallery < 14.0.0 - Author+ Stored Cross-Site Scripting
Fixed in version 14.0.0
2021-11-01
Contest Gallery < 13.1.0.7 - Subscriber+ Email Address Disclosure
Fixed in version 13.1.0.7
2021-11-01
Contest Gallery < 13.1.0.6 - Missing Access Controls to Unauthenticated SQL injection / Email Address Disclosure
Fixed in version 13.1.0.6
2019-06-12
Contest Gallery <= 10.4.4 - Cross-Site Request Forgery (CSRF)
Fixed in version 10.4.5
Fixed in version 13.1.0.7Fixed in version 13.1.0.6Fixed in version 13.1.0.7Fixed in version 13.1.0.6