cleantalk
Vulnerabilities and Security Researches

Image Photo Gallery Final Tiles Grid, CVE-2022-0186

CVE, Research URL

CVE-2022-0186

Home page URL

Security reports for Image Photo Gallery Final Tiles Grid

Application

Image Photo Gallery Final Tiles Grid

Published on
Feb 21, 2022
Research Description
The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard
Affected versions
Min -, max 3.5.5.
Status
vulnerable
Previous vulnerability researches
Image Photo Gallery Final Tiles Grid (CVE-2024-3710) , Jul 10, 2024
Image Photo Gallery Final Tiles Grid (CVE-2024-6261) , Feb 28, 2025
Image Photo Gallery Final Tiles Grid (CVE-2020-14962) , Jun 07, 2024
Image Photo Gallery Final Tiles Grid (CVE-2022-0186) , Jun 07, 2024
Image Photo Gallery Final Tiles Grid (CVE-2022-4974) , Nov 15, 2024
New vulnerability
Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes (CVE-2025-49973) , Jun 30, 2025
Post Carousel Slider for Elementor (CVE-2025-3863) , Jun 30, 2025
WP User Stylesheet Switcher (CVE-2025-52792) , Jun 30, 2025
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-52707) , Jun 30, 2025
CRM ERP Business Solution | freelancers & SME | for WordPress & WooCommerce (CVE-2025-49987) , Jun 30, 2025