Vulnerabilities and security researches for1-jquery-photo-gallery-slideshow-flash 1-jquery-photo-gallery-slideshow-flash
Direction: ascendingJun 06, 2024
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 # CVE-2023-1427
- CVE, Research URL
- Application
- Date
- Apr 17, 2023
- Research Description
- - The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 # CVE-2011-5180
- CVE, Research URL
- Application
- Date
- Sep 20, 2012
- Research Description
- Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in the ZooEffect plugin 1.01 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information. NOTE: this has been disputed by a third party.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Apr 17, 2025
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 # CVE-2025-26954
- CVE, Research URL
- Application
- Date
- Apr 15, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 1pluginjquery ZooEffect allows Reflected XSS. This issue affects ZooEffect: from n/a through 1.11.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable