Gallery
This hub aggregates every CVE we track for Gallery, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
89
CVEs tracked
8
Critical
19
High
0
In CISA KEV
Severity distribution
MEDIUM61HIGH19CRITICAL8LOW1
Monthly trend
1
0
0
0
0
1
1
1
0
0
4
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Gallery.
- CVE-2025-20969Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within...5.5
- CVE-2025-20968Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and per...7.2
- CVE-2025-20967Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary f...5.1
- CVE-2025-20966Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data acros...4.6
- CVE-2025-26778WordPress Gallery Custom Links Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability5.9
- CVE-2023-45631WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability4.3
- CVE-2024-11501Gallery <= 1.3 - Authenticated (Contributor+) PHP Object Injection8.8
- CVE-2024-37542WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability5.4
- CVE-2024-35750WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability8.5
- CVE-2024-30550WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability7.1
- CVE-2024-31120WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-20827Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen.4.6
- CVE-2023-45630WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)6.5
- CVE-2023-30725Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider.5.1
- CVE-2023-30724Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows attacker to access search history.4.0
Product normalization is registry-driven with AI assist and human review. How it works