Log out
Get PRO

Latest

Input validation vulnerability in Awesome Wp Image Gallery 1.0

  • Severity: medium-risk
  • Status: Open
  • Publication: July 2, 2025

Many add-ons for WordPress are at risk for Stored Cross-Site Scripting because of a library called prettyPhoto (version 3.1.6) that is included in the add-on. This is because the add-on does not properly check and protect against harmful code from users. This means that people with contributor or higher access can insert harmful code into pages, which will run whenever someone views the page.

Detected in:

Easy 3D Viewer fixed vulnerable versions: >= * <= 1.8.6.6
WP Video Lightbox fixed vulnerable versions: >= * <= 1.9.11
Awesome Gallery open vulnerable versions: >= * <= 1.0
Easy Image Gallery open vulnerable versions: >= * <= 1.5.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.