cleantalk
Vulnerabilities and Security Researches

Customizable WordPress Gallery Plugin – Modula Image Gallery, CVE-2026-23976

CVE, Research URL

CVE-2026-23976

Home page URL

Security reports for Customizable WordPress Gallery Plugin – Modula Image Gallery

Application

Customizable WordPress Gallery Plugin – Modula Image Gallery

Published on
Jan 22, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modula Image Gallery: from n/a through <= 2.13.4.
Affected versions
max 2.13.4.
Status
vulnerable
Previous vulnerability researches
Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery (CVE-2020-9003) , Jun 07, 2024
Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery (CVE-2024-9416) , Apr 04, 2025
Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery (CVE-2022-41135) , Jun 07, 2024
Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery (CVE-2024-12853) , Jan 08, 2025
Customizable WordPress Gallery Plugin &#8211; Modula Image Gallery (CVE-2026-24939) , Mar 30, 2026
New vulnerability
Product Feed PRO for WooCommerce (CVE-2026-32443) , Mar 30, 2026
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-24373) , Mar 30, 2026
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-32385) , Mar 30, 2026
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-32498) , Mar 30, 2026
Gallery Block (Meow Gallery) (CVE-2026-32418) , Mar 30, 2026