cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches formodula-best-grid-gallery modula-best-grid-gallery

Direction: ascending
Jun 07, 2024

Customizable WordPress Gallery Plugin – Modula Image Gallery # CVE-2020-9003

CVE, Research URL

CVE-2020-9003

Home page URL

Security reports for Customizable WordPress Gallery Plugin – Modula Image Gallery

Application

Customizable WordPress Gallery Plugin – Modula Image Gallery

Date
Feb 21, 2020
Research Description
A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users.
Affected versions
Min -, max -.
Status
vulnerable

Customizable WordPress Gallery Plugin – Modula Image Gallery # CVE-2022-41135

CVE, Research URL

CVE-2022-41135

Home page URL

Security reports for Customizable WordPress Gallery Plugin – Modula Image Gallery

Application

Customizable WordPress Gallery Plugin – Modula Image Gallery

Date
Nov 19, 2022
Research Description
Unauth. Plugin Settings Change vulnerability in Modula plugin <= 2.6.9 on WordPress.
Affected versions
Min -, max -.
Status
vulnerable
Jan 08, 2025

Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery # CVE-2024-12853

CVE, Research URL

CVE-2024-12853

Home page URL

Security reports for Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery

Application

Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery

Date
-
Research Description
Modula Image Gallery [modula-best-grid-gallery] < 2.11.11 CVE-2024-12853
Affected versions
Min -, max -.
Status
vulnerable
Apr 04, 2025

Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery # CVE-2024-9416

CVE, Research URL

CVE-2024-9416

Home page URL

Security reports for Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery

Application

Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery

Date
Apr 03, 2025
Research Description
The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions <= 5.0.36) due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max -.
Status
vulnerable