cleantalk
Vulnerabilities and Security Researches

Photo Gallery by 10Web – Mobile-Friendly Image Gallery, CVE-2026-49771

CVE, Research URL

CVE-2026-49771

Home page URL

Security reports for Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Application

Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Published on
Jun 04, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection. This issue affects Photo Gallery by 10Web: from n/a through 1.8.41.
Affected versions
max 1.8.42.
Status
vulnerable
Previous vulnerability researches
Pretty Simple Popup Builder (CVE-2024-56298) , Jan 07, 2025
Pretty Simple Popup Builder (151dd12759a625ce194d0174ccb42453eeaa1d0a) , Jun 07, 2024
Pretty Simple Popup Builder (CVE-2024-39626) , Jul 27, 2024
Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer (CVE-2024-3602) , Jun 21, 2024
WP Popup Builder – Popup Forms and Marketing Lead Generation (CVE-2024-9061) , Oct 17, 2024
New vulnerability
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-49771) , Jun 06, 2026
Popup Builder – Create highly converting, mobile friendly marketing popups. (CVE-2019-25744) , Jun 06, 2026
WP Google Review Slider (CVE-2019-25745) , Jun 06, 2026
LMS by Masteriyo – WordPress Learning Management System, eLearning Platform, Online Education System & Online Course (CVE-2026-42743) , Jun 05, 2026
Printeers Print & Ship (CVE-2025-52766) , Jun 05, 2026