cleantalk
Vulnerabilities and Security Researches

Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress, CVE-2022-27853

CVE, Research URL

CVE-2022-27853

Home page URL

Security reports for Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress

Application

Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress

Published on
Apr 18, 2022
Research Description
Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) in Contest Gallery (WordPress plugin) <= 13.1.0.9
Affected versions
Min -, max 13.1.0.7.
Status
vulnerable
Previous vulnerability researches
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress (CVE-2024-39631) , Jul 28, 2024
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress (CVE-2024-11103) , Nov 29, 2024
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress (CVE-2025-22693) , Feb 04, 2025
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress (CVE-2022-4157) , Jun 07, 2024
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress (CVE-2022-4158) , Jun 07, 2024
New vulnerability
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2025-3876) , May 11, 2025
SMS Alert Order Notifications &#8211; WooCommerce (CVE-2025-3878) , May 11, 2025
WordPress Review Plugin: The Ultimate Solution for Building a Review Website (CVE-2025-2158) , May 11, 2025
Drag and Drop Multiple File Upload for WooCommerce (CVE-2025-4403) , May 11, 2025
Contact Us By Lord Linus (CVE-2025-1382) , May 11, 2025