cleantalk
Vulnerabilities and Security Researches

Photo Gallery by 10Web – Mobile-Friendly Image Gallery, CVE-2025-0613

CVE, Research URL

CVE-2025-0613

Home page URL

Security reports for Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Application

Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Published on
Mar 31, 2025
Research Description
The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed
Affected versions
Min -, max 1.8.34.
Status
vulnerable
Previous vulnerability researches
Labinator Content Types Duplicator (CVE-2025-31809) , Apr 03, 2025
Theme Duplicator (CVE-2025-31845) , Apr 03, 2025
WP Bulk Post Duplicator (CVE-2025-28884) , Mar 13, 2025
Multisite Post Duplicator (CVE-2016-10944) , Jun 07, 2024
Theme File Duplicator (CVE-2025-27283) , Feb 27, 2025
New vulnerability
Multiple Post Type Order (CVE-2025-4055) , May 08, 2025
WP MultiTasking – WP Utilities (CVE-2024-6860) , May 08, 2025
WP MultiTasking – WP Utilities (CVE-2024-6857) , May 08, 2025
PeproDev Ultimate Profile Solutions (CVE-2025-3924) , May 08, 2025
PeproDev Ultimate Profile Solutions (CVE-2025-3921) , May 08, 2025