Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition Plugin for WordPress 21.3.5

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 28, 2024

The Contest Gallery plugin for WordPress has a security issue where malicious code can be injected into pages if a user is tricked into clicking on a link. This can happen in versions up to 21.3.5 of the plugin because it does not properly clean and protect the input and output. This can be exploited by anyone without authorization.

Detected in:

Contest Gallery – Upload, Vote & Sell with PayPal and Stripe fixed vulnerable versions:
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition Plugin for WordPress fixed vulnerable versions:
Photos, Files, YouTube, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons fixed vulnerable versions:
Photos, Files, YouTube, Twitter, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons fixed vulnerable versions:
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons fixed vulnerable versions:
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI fixed vulnerable versions:
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.