cleantalk
Vulnerabilities and Security Researches

Best WordPress Gallery Plugin – FooGallery, CVE-2024-2762

CVE, Research URL

CVE-2024-2762

Home page URL

Security reports for Best WordPress Gallery Plugin – FooGallery

Application

Best WordPress Gallery Plugin – FooGallery

Published on
Jun 13, 2024
Research Description
The FooGallery WordPress plugin before 2.4.15, foogallery-premium WordPress plugin before 2.4.15 does not validate and escape some of its Gallery settings before outputting them back in the page, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin
Affected versions
Min -, max 2.4.15.
Status
vulnerable
Previous vulnerability researches
FooGallery Captions (CVE-2025-23889) , Jan 25, 2025
Best WordPress Gallery Plugin – FooGallery (CVE-2022-4974) , Nov 15, 2024
Best WordPress Gallery Plugin – FooGallery (CVE-2025-22624) , Feb 28, 2025
Best WordPress Gallery Plugin – FooGallery (CVE-2023-29439) , Jun 07, 2024
Best WordPress Gallery Plugin – FooGallery (CVE-2023-44244) , Jun 07, 2024
New vulnerability
Simple File List (CVE-2025-34085) , Jul 13, 2025
Pakke Envíos (CVE-2025-52819) , Jul 13, 2025
Gwolle Guestbook (CVE-2025-5807) , Jul 13, 2025
Tennis Court Bookings (CVE-2025-52787) , Jul 13, 2025
WPC Smart Compare for WooCommerce (CVE-2025-5530) , Jul 13, 2025