Photo Gallery by Ays – Responsive Image Gallery

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Photo Gallery by Ays – Responsive Image Gallery

Information

Software Type Plugin
Software Slug gallery-photo-gallery (view on wordpress.org)
Software Status Active
Software Author ays-pro
Software Website ays-pro.com
Software Downloads 62,527
Software Active Installs 1,000
Software Record Last Updated October 4, 2023

6 vulnerabilities

Photo Gallery by Ays <= 5.2.6 - Cross-Site Request Forgery
4.3
CVE-2023-39917
Aug 7, 2023
Researcher: Skalucy
Photo Gallery by Ays <= 5.1.6 - Reflected Cross-Site Scripting
6.1
CVE-2023-2568
May 16, 2023
Researcher: Erwan LR
Photo Gallery by Ays <= 5.1.3 - Reflected Cross-Site Scripting via ays_gpg_settings_tab
6.1
CVE-2023-32107
May 3, 2023
Researcher: Le Ngoc Anh
Photo Gallery by Ays - Responsive Image Gallery <= 4.4.3 - Authenticated Blind SQL Injections
7.2
CVE-2021-24462
Jun 29, 2021
Researcher: To Quang Duong
Photo Gallery by Ays – Responsive Image Gallery <= 4.4.3 - Reflected Cross-Site Scripting
6.1
CVE ID Unknown
Jun 29, 2021
Researcher: WPScanTeam
Photo Gallery by Ays – Responsive Image Gallery < 1.0.1 - SQL Injection
9.8
CVE-2016-10921
Jul 11, 2016
Researchers:
Title CVE ID CVSS Researchers Date
Photo Gallery by Ays <= 5.2.6 - Cross-Site Request Forgery CVE-2023-39917 4.3 Skalucy August 7, 2023
Photo Gallery by Ays <= 5.1.6 - Reflected Cross-Site Scripting CVE-2023-2568 6.1 Erwan LR May 16, 2023
Photo Gallery by Ays <= 5.1.3 - Reflected Cross-Site Scripting via ays_gpg_settings_tab CVE-2023-32107 6.1 Le Ngoc Anh May 3, 2023
Photo Gallery by Ays - Responsive Image Gallery <= 4.4.3 - Authenticated Blind SQL Injections CVE-2021-24462 7.2 To Quang Duong June 29, 2021
Photo Gallery by Ays – Responsive Image Gallery <= 4.4.3 - Reflected Cross-Site Scripting 6.1 WPScanTeam June 29, 2021
Photo Gallery by Ays – Responsive Image Gallery < 1.0.1 - SQL Injection CVE-2016-10921 9.8 July 11, 2016

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation