CVE-2026-4300
- EPSS 0.04%
- Veröffentlicht 08.04.2026 09:25:50
- Zuletzt bearbeitet 08.04.2026 21:26:13
The Robo Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Loading Label' setting in all versions up to, and including, 5.1.3. The plugin uses a custom `|***...***|` marker pattern in its `fixJsFunction()` method to e...
CVE-2026-32356
- EPSS 0.03%
- Veröffentlicht 13.03.2026 11:42:00
- Zuletzt bearbeitet 16.03.2026 14:53:46
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows DOM-Based XSS.This issue affects Robo Gallery: from n/a through <= 5.1.2.
CVE-2025-47521
- EPSS 0.14%
- Veröffentlicht 07.05.2025 14:20:07
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows Stored XSS.This issue affects Robo Gallery: from n/a through <= 5.0.2.
CVE-2022-45841
- EPSS 0.12%
- Veröffentlicht 13.12.2024 15:15:08
- Zuletzt bearbeitet 15.04.2026 00:35:42
Missing Authorization vulnerability in RoboSoft Robo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Robo Gallery: from n/a through 3.2.9.
CVE-2024-34382
- EPSS 0.37%
- Veröffentlicht 06.05.2024 18:15:08
- Zuletzt bearbeitet 15.04.2026 00:35:42
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in RoboSoft Robo Gallery.This issue affects Robo Gallery: from n/a through 3.2.18.
CVE-2023-24414
- EPSS 0.12%
- Veröffentlicht 20.05.2023 23:15:09
- Zuletzt bearbeitet 21.11.2024 07:47:49
Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions.