Contest-gallery

Contest Gallery

41 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-43283

  • EPSS 13.36%
  • Veröffentlicht 26.08.2024 16:15:09
  • Zuletzt bearbeitet 04.04.2025 14:36:52

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 23.1.2.

6.1

CVE-2024-39631

  • EPSS 0.44%
  • Veröffentlicht 01.08.2024 23:15:51
  • Zuletzt bearbeitet 11.09.2024 17:34:08

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Contest Gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through 23.1.2.

8.1

CVE-2024-32778

  • EPSS 0.16%
  • Veröffentlicht 09.06.2024 13:15:50
  • Zuletzt bearbeitet 03.04.2025 00:38:31

Missing Authorization vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.4.

6.1

CVE-2024-30428

  • EPSS 0.2%
  • Veröffentlicht 29.03.2024 14:15:09
  • Zuletzt bearbeitet 27.02.2025 14:53:37

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contest Gallery allows Reflected XSS.This issue affects Contest Gallery: from n/a through 21.3.5.

9.9

CVE-2024-30236

  • EPSS 0.5%
  • Veröffentlicht 28.03.2024 05:15:51
  • Zuletzt bearbeitet 08.04.2025 16:39:14

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.4.

8.8

CVE-2024-30238

  • EPSS 0.5%
  • Veröffentlicht 27.03.2024 14:15:13
  • Zuletzt bearbeitet 01.04.2025 18:32:27

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.2.

5.4

CVE-2024-1487

  • EPSS 0.27%
  • Veröffentlicht 11.03.2024 18:15:18
  • Zuletzt bearbeitet 01.04.2025 15:44:13

The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks.

8.8

CVE-2024-24887

  • EPSS 0.05%
  • Veröffentlicht 12.02.2024 09:15:12
  • Zuletzt bearbeitet 21.11.2024 08:59:55

Cross-Site Request Forgery (CSRF) vulnerability in Contest Gallery Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress.This issue affects Photos and Files Contest Gallery – Contact Form, Upload F...

6.1

CVE-2023-5307

Exploit
  • EPSS 1.02%
  • Veröffentlicht 31.10.2023 14:15:12
  • Zuletzt bearbeitet 22.04.2025 20:15:27

The Photos and Files Contest Gallery WordPress plugin before 21.2.8.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks via certain headers.

6.1

CVE-2023-28784

  • EPSS 0.09%
  • Veröffentlicht 22.06.2023 12:15:11
  • Zuletzt bearbeitet 21.11.2024 07:56:00

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 21.1.2 versions.