Vulnerabilities and security researches forresponsive-gallery-grid responsive-gallery-grid

Jun 07, 2024

CVE, Research URL: CVE-2023-0060
Home page URL: Security reports for Responsive Gallery Grid
Application: Responsive Gallery Grid
Date: Feb 13, 2023
Research Description: The Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-41659
Home page URL: Security reports for Responsive Gallery Grid
Application: Responsive Gallery Grid
Date: Oct 06, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-1664
Home page URL: Security reports for Responsive Gallery Grid
Application: Responsive Gallery Grid
Date: Apr 09, 2024
Research Description: The Responsive Gallery Grid WordPress plugin before 2.3.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: Min -, max -.
Status: vulnerable

May 19, 2025

CVE, Research URL: CVE-2024-4091
Home page URL: Security reports for Responsive Gallery Grid
Application: Responsive Gallery Grid
Date: May 16, 2025
Research Description: The Responsive Gallery Grid WordPress plugin before 2.3.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Affected versions: Min -, max -.
Status: vulnerable