GCVE - cpe:2.3:a:wpdevart:gallery:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wpdevart:gallery:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Wpdevart (`62458400-5314-5c71-819c-4b29c90460da`)
Product	Gallery (`c0d1fda6-2a88-5b97-a694-6686b4e7995e`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-37542`	vulnerable	2026-06-03 14:56:06.959514	WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability MEDIUM (5.4) Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. Published: 2024-07-06T12:40:29.105Z Updated: 2026-04-28T16:10:00.758Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-broken-access-control-vulnerability-2?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-35750`	vulnerable	2026-06-03 14:56:02.956811	WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability HIGH (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. Published: 2024-06-08T12:37:30.658Z Updated: 2026-04-28T16:09:54.560Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-31120`	vulnerable	2026-06-03 14:55:39.119505	WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Stored XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. Published: 2024-03-31T18:48:30.646Z Updated: 2026-04-28T16:09:28.272Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-cross-site-scripting-xss-vulnerability-2?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-30550`	vulnerable	2026-06-03 14:55:38.587666	WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Reflected XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. Published: 2024-03-31T19:57:44.039Z Updated: 2026-04-28T16:09:26.684Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-45631`	vulnerable	2026-06-03 14:53:08.266759	WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. Published: 2025-01-02T11:59:52.114Z Updated: 2026-04-28T16:08:43.453Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/plugin/gallery-album/vulnerability/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-45630`	vulnerable	2026-06-03 14:53:08.264717	WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) HIGH (7.1) Unauth. Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions. Published: 2023-10-18T13:31:49.297Z Updated: 2026-04-28T16:08:43.364Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-1946`	vulnerable	2026-06-03 14:45:59.955922	Gallery < 2.0.0 - Reflected Cross-Site Scripting The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue Published: 2022-07-04T13:05:50.000Z Updated: 2024-08-03T00:24:43.005Z Open on db.gcve.eu Reference links https://wpscan.com/vulnerability/0903920c-be2e-4515-901f-87253eb30940	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.