4.3
CVE-2026-27424
- EPSS 0.21%
- Veröffentlicht 20.05.2026 13:16:16
- Zuletzt bearbeitet 20.05.2026 13:54:54
- Quelle audit@patchstack.com
- CVE-Watchlists
- Unerledigt
WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Broken Access Control vulnerability
Image Photo Gallery Final Tiles Grid <= 3.6.11 - Missing Authorization
Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Photo Gallery Final Tiles Grid: from n/a through 3.6.11.
Mögliche Gegenmaßnahme
Image Photo Gallery Final Tiles Grid: Update to version 3.6.12, or a newer patched version
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerWP Chill
≫
Produkt
Image Photo Gallery Final Tiles Grid
Default Statusunaffected
Version <=
3.6.11
Version
n/a
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Image Photo Gallery Final Tiles Grid
Version
*-3.6.11
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.106 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| audit@patchstack.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
https://patchstack.com/database/wordpress/plugin/final-tiles-grid-gallery-lite/vulnerability/wordpress-image-photo-gallery-final-tiles-grid-plugin-3-6-11-broken-access-control-vulnerability?_s_id=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/89dd21b1-35f4-45f1-a9b0-f64434220a94