Vulnerabilities and security researches forgb-gallery-slideshow gb-gallery-slideshow

Jun 07, 2024

CVE, Research URL: CVE-2014-8375
Home page URL: Security reports for GB Gallery Slideshow
Application: GB Gallery Slideshow
Date: Oct 21, 2014
Research Description: SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php.
Affected versions: Min -, max -.
Status: vulnerable

Apr 03, 2025

CVE, Research URL: CVE-2025-31732
Home page URL: Security reports for GB Gallery Slideshow
Application: GB Gallery Slideshow
Date: Apr 01, 2025
Research Description: Missing Authorization vulnerability in gb-plugins GB Gallery Slideshow allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GB Gallery Slideshow: from n/a through 1.3.
Affected versions: Min -, max -.
Status: vulnerable

Apr 18, 2025

CVE, Research URL: CVE-2025-32649
Home page URL: Security reports for GB Gallery Slideshow
Application: GB Gallery Slideshow
Date: Apr 17, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gb-plugins GB Gallery Slideshow allows Reflected XSS. This issue affects GB Gallery Slideshow: from n/a through 1.3.
Affected versions: Min -, max -.
Status: vulnerable