Contest-Gallery — Vulnerabilities & Security Advisories (12)

Browse all 12 CVE security advisories affecting Contest-Gallery. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Contest-Gallery is a WordPress plugin designed for managing photo and video contests on websites. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin's 12 recorded CVEs highlight consistent security flaws, often stemming from insufficient input validation and improper access controls. Notable characteristics include its widespread use in WordPress ecosystems and recurring patterns of unauthenticated RCE vulnerabilities. Security researchers have frequently identified critical flaws that allow attackers to compromise entire websites, making it a persistent target for exploitation.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-4021 | Contest Gallery <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-287 | 8.1 | High | 2026-03-23 |
| CVE-2026-3180 | Contest Gallery <= 28.1.4 - Unauthenticated SQL Injection | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-89 | 7.5 | High | 2026-03-02 |
| CVE-2025-12849 | Contest Gallery <= 28.0.2 - Missing Authorization | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-862 | 5.3 | Medium | 2025-11-15 |
| CVE-2025-11254 | Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.3 - Unauthenticated CSV Injection | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-1236 | 4.3 | Medium | 2025-10-11 |
| CVE-2025-10383 | Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.2 - Authenticated (Author+) Stored Cross-Site Scripting | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-79 | 6.4 | Medium | 2025-10-04 |
| CVE-2025-7725 | Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI <= 26.1.0 - Unauthenticated Stored Cross-Site Scripting | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-79 | 7.2 | High | 2025-08-01 |
| CVE-2025-6716 | Contest Gallery <= 26.0.8 - Authenticated (Author+) Stored Cross-Site Scripting | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-79 | 6.4 | Medium | 2025-07-11 |
| CVE-2025-3862 | Contest Gallery <= 26.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-79 | 6.4 | Medium | 2025-05-08 |
| CVE-2025-1513 | Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 26.0.0.1 - Unauthenticated Stored Cross-Site Scripting | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-79 | 7.2 | High | 2025-02-28 |
| CVE-2024-11103 | Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-640 | 9.8 | Critical | 2024-11-28 |
| CVE-2024-10687 | Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 24.0.3 - Unauthenticated SQL Injection | Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe | CWE-89 | 9.8 | Critical | 2024-11-05 |
| CVE-2019-5974 | WordPress Contest Gallery plugin cross-site request forgery vulnerability | Contest Gallery | - | 8.8 | - | 2019-07-05 |

This page lists every published CVE security advisory associated with Contest-Gallery. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.