Browse all 17 CVE security advisories affecting FooPlugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
FooPlugins develops WordPress security and optimization plugins, with 17 CVEs recorded to date. Historically, vulnerabilities have commonly included remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and access control flaws. Security researchers have identified multiple instances where improper sanitization allowed attackers to execute arbitrary code or manipulate plugin functionality. While no major public breaches have been widely documented, the consistent pattern of vulnerabilities in their products highlights ongoing challenges in secure coding practices. Users are advised to maintain current versions and implement additional security layers to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25362 | WordPress FooGallery plugin <= 3.1.11 - Cross Site Scripting (XSS) vulnerability — FooGalleryCWE-79 | 5.9 | Medium | 2026-02-19 |
| CVE-2026-25363 | WordPress FooGallery plugin <= 3.1.11 - Broken Access Control vulnerability — FooGalleryCWE-862 | 4.3 | Medium | 2026-02-19 |
| CVE-2023-44244 | WordPress FooGallery Plugin <= 2.2.44 is vulnerable to Cross Site Scripting (XSS) — FooGalleryCWE-79 | 7.1 | High | 2023-10-02 |
| CVE-2023-29439 | WordPress FooGallery Plugin <= 2.2.35 is vulnerable to Cross Site Scripting (XSS) — FooGalleryCWE-79 | 7.1 | High | 2023-05-16 |
This page lists every published CVE security advisory associated with FooPlugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.