Gallery For Social Photo

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:ghozylab:gallery_for_social_photo:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorGhozylab (33c2dab5-504d-5881-b929-cf857c38db21)
ProductGallery For Social Photo (99e623c4-1025-50be-a8be-9f7aa53dc3d1)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/wpplugins/feed-instagram-lite purl2cpe 2026-06-01 10:13:18.037655

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-26742 vulnerable 2026-06-08 07:14:50.377963 WordPress Gallery for Social Photo plugin <= 1.0.0.35 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery for Social Photo feed-instagram-lite allows Stored XSS.This issue affects Gallery for Social Photo: from n/a through <= 1.0.0.35.
Published: 2025-03-25T14:37:51.811Z
Updated: 2026-04-28T16:11:39.878Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-2224 vulnerable 2026-06-08 05:43:35.041785 Gallery for Social Photo <= 1.0.0.27 - Cross-Site Request Forgery to Post Duplication
MEDIUM (5.4)
The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in the function gifeed_duplicate_feed. This make it possible for unauthenticated attackers to duplicate existing posts or pages granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2022-07-18T16:18:58.000Z
Updated: 2026-04-08T17:21:11.022Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.