CVE Tools

wpchill

Web & CMS Pluginscommercial

18

Cumulative CVEs

3

Monthly snapshots

#99

Peak rank

Top products

image gallery – photo grid & video gallery2 image photo gallery final tiles grid2 modula image gallery2

Latest CVEs

The 15 most recently published vulnerabilities affecting wpchill.

CVE-2026-3239Strong Testimonials <= 3.2.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via testimonial_view Shortcode6.4Apr 8, 2026
CVE-2026-4401Download Monitor <= 5.1.10 - Cross-Site Request Forgery to Download Path Deletion and Disabling5.4Apr 7, 2026
CVE-2026-3124Download Monitor <= 5.1.7 - Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id'7.5Mar 30, 2026
CVE-2026-3584Kali Forms <= 2.4.9 - Unauthenticated Remote Code Execution via form_process9.8Mar 20, 2026
CVE-2026-1860Kali Forms <= 2.4.8 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Form Data Exposure4.3Feb 18, 2026
CVE-2026-1254Modula Image Gallery – Photo Grid & Video Gallery <= 2.13.6 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post/Page Editing4.3Feb 14, 2026
CVE-2025-14865Passster – Password Protect Pages and Content <= 4.2.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Jan 28, 2026
CVE-2025-15466Image Photo Gallery Final Tiles Grid <= 3.6.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Gallery Management5.4Jan 19, 2026
CVE-2025-14632Filr – Secure document library <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML Upload4.4Jan 17, 2026
CVE-2025-14426Strong Testimonials <= 3.2.18 - Missing Authorization to Authenticated (Contributor+) Rating Meta Update4.3Dec 30, 2025
CVE-2025-13693Image Photo Gallery Final Tiles Grid <= 3.6.8 - Authenticated (Author+) Stored Cross-Site Scripting via 'Custom Scripts' Setting6.4Dec 21, 2025
CVE-2025-14455Image Photo Gallery Final Tiles Grid <= 3.6.7 - Missing Authorization to Authenticated (Contributor+) Gallery Management5.4Dec 19, 2025
CVE-2025-14003Image Gallery – Photo Grid & Video Gallery <= 2.13.3 - Missing Authorization to Authenticated (Author+) Arbitrary Gallery Modification4.3Dec 15, 2025
CVE-2025-13891Image Gallery – Photo Grid & Video Gallery (Modula) <= 2.13.3 - Missing Authorization to Arbitrary Directory Listing6.5Dec 12, 2025
CVE-2025-13646Modula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race Condition7.5Dec 3, 2025