cleantalk
Vulnerabilities and Security Researches

Video Gallery – Vimeo and YouTube Gallery, CVE-2021-24515

CVE, Research URL

CVE-2021-24515

Home page URL

Security reports for Video Gallery – Vimeo and YouTube Gallery

Application

Video Gallery – Vimeo and YouTube Gallery

Published on
Oct 25, 2021
Research Description
The Video Gallery WordPress plugin before 1.1.5 does not escape the Title and Description of the videos in a gallery before outputting them in attributes, leading to Stored Cross-Site Scripting issues
Affected versions
Min -, max 1.1.5.
Status
vulnerable
Previous vulnerability researches
Video Gallery – Vimeo and YouTube Gallery (CVE-2025-48349) , Aug 24, 2025
Video Gallery – Vimeo and YouTube Gallery (CVE-2021-24515) , Jun 06, 2024
New vulnerability
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) , Aug 26, 2025
UpdraftPlus: WordPress Backup & Migration Plugin , Aug 26, 2025
Simpler Checkout (CVE-2025-7642) , Aug 26, 2025
Sessions (CVE-2025-57890) , Aug 25, 2025
WP Admin Theme (CVE-2025-48325) , Aug 25, 2025