WordPress Plugin Vulnerabilities

Photo Gallery by 10Web < 1.5.35 - SQL Injection & XSS

Description

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by a SQL Injection & XSS security vulnerability.

Affects Plugins

Plugin icon
photo-gallery
Fixed in 1.5.35

References

CVE
CVE-2019-16117
CVE
CVE-2019-16118
CVE
CVE-2019-16119

Miscellaneous

Verified
No
WPVDB ID
9875076d-e84e-4deb-a3d3-06d877b41085

Timeline

Publicly Published
2019-09-08 (about 6 years ago)
Added
2019-09-09 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2019-05-13
Title
Ultimate Member < 2.0.46 - Multiple Vulnerabilities
Published
2016-11-15
Title
NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion (LFI) & SQLi
Published
2019-06-10
Title
Attendance Manager <= 0.5.6 - CSRF & XSS
Published
2014-08-01
Title
Mingle Forum <= 1.0.32.1 - Cross Site Scripting / SQL Injection
Published
2017-09-16
Title
Post Pay Counter < 2.731 - PHP Obj Injection & Access Control Issues