WordPress Plugin Vulnerabilities

WP Easy Gallery < 2.7.3 - Cross-Site Request Forgery (CSRF)

Description

The WP Easy Gallery – WordPress Gallery Plugin WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

Plugin icon
wp-easy-gallery
Fixed in 2.7.3

References

URL
https://plugins.trac.wordpress.org/changeset?reponame=&old=669527@wp-easy-gallery&new=669527@wp-easy-gallery

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Verified
No
WPVDB ID
e7306bd4-5a82-4122-aafc-a2a27b8e51c9

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2023-02-16
Title
Protected Posts Logout Button < 1.4.5 - Settings Update via CSRF
Published
2025-04-24
Title
Wp Custom CMS Block <= 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2025-01-16
Title
WP Custom Google Search <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2023-12-28
Title
WPC Product Bundles for WooCommerce < 7.3.2 - Cross-Site Request Forgery
Published
2023-10-16
Title
Snap Pixel < 1.6.0 - Arbitrary Settings Update via CSRF