WordPress Plugin Vulnerabilities

Gallery Plugin for WordPress – Envira Photo Gallery < 1.12.1 - Missing Authorization to Authenticated (Author+) Multiple Gallery Actions

Description

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.12.0. This makes it possible for authenticated attackers, with Author-level access and above, to perform multiple actions, such as removing images from arbitrary galleries. The vulnerability was partially patched in version 1.12.0.

Affects Plugins

Plugin icon
envira-gallery-lite
Fixed in 1.12.1

References

CVE
CVE-2025-12377
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/69a0d985-cc85-45ba-889d-1ed30d06f9ce

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Dmitrii Ignatyev
Verified
No
WPVDB ID
dc0e7f82-d7f9-445e-99be-663a1669558d

Timeline

Publicly Published
2025-11-12 (about 6 months ago)
Added
2025-11-12 (about 6 months ago)
Last Updated
2025-12-15 (about 5 months ago)

Other

Published
Title
Published
2023-09-18
Title
Super Store Finder < 6.9.4 - Unauthenticated Email Creation/Sending
Published
2025-03-21
Title
ProfileGrid – User Profiles, Groups and Communities < 5.9.4.5 - Missing Authorinzation to Authenticated (Subscriber+) Join Group Requests Management
Published
2025-09-10
Title
Time Tracker < 3.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Limited Data Deletion
Published
2025-07-21
Title
The E-Commerce ERP <= 2.1.1.3 - Missing Authorization
Published
2024-04-25
Title
XStore < 9.3.9 - Missing Authorization