cleantalk
Vulnerabilities and Security Researches

Photo Gallery by 10Web – Mobile-Friendly Image Gallery, CVE-2022-4058

CVE, Research URL

CVE-2022-4058

Home page URL

Security reports for Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Application

Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Published on
Dec 19, 2022
Research Description
The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control.
Affected versions
Min -, max 1.3.38.
Status
vulnerable
Previous vulnerability researches
Social Photo Gallery (CVE-2019-14467) , Jun 06, 2024
Photo Gallery ( Responsive ) (CVE-2025-27276) , Feb 26, 2025
Image Gallery – Responsive Photo Gallery (CVE-2025-24697) , Feb 05, 2025
Image Gallery – Responsive Photo Gallery (CVE-2024-12403) , Jan 16, 2025
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 (CVE-2023-1427) , Jun 06, 2024
New vulnerability
Email Notifications for Updates (CVE-2025-26741) , Apr 17, 2025
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor (CVE-2025-2314) , Apr 17, 2025
hockeydata LOS (CVE-2025-26889) , Apr 17, 2025
Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin (CVE-2025-27011) , Apr 17, 2025
Paid Videochat Turnkey Site – HTML5 PPV Live Webcams (CVE-2025-31380) , Apr 17, 2025