Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Unitegallery Subscribe
Filtered by product Unite Gallery Lite
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-9447 1 Unitegallery 1 Unite Gallery Lite 2019-09-27 4.3 MEDIUM 6.5 MEDIUM
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin.php galleryid or id parameters.
CVE-2015-9445 1 Unitegallery 1 Unite Gallery Lite 2019-09-26 6.8 MEDIUM 8.8 HIGH
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation.
CVE-2015-9446 1 Unitegallery 1 Unite Gallery Lite 2019-09-26 6.5 MEDIUM 8.8 HIGH
The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php.