WordPress Plugin Vulnerabilities

WordPress Video Gallery <= 2.8 - Multiple Cross-Site Request Forgery (CSRF)

Description

The contus-video-gallery WordPress plugin was affected by a Multiple Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

Plugin icon
contus-video-gallery
No known fix

References

Exploitdb
36610

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
1142434c-0b9e-4dfd-89c5-a64ee344cd99

Timeline

Publicly Published
2015-04-02 (about 11 years ago)
Added
2015-04-07 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-12-04
Title
User Generator and Importer <= 1.2.2 - Cross-Site Request Forgery to Privilege Escalation via Arbitrary Administrator Account Creation
Published
2025-03-03
Title
Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction < 2.6.3 - Cross-Site Request Forgery
Published
2022-04-27
Title
WP-Invoice <= 4.3.1 - Arbitrary Settings Update via CSRF
Published
2024-12-12
Title
Like in Vk.com <= 0.5.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2025-06-05
Title
Quick Event Calendar <= 1.4.9 - Cross-Site Request Forgery