Browse all 3 CVE security advisories affecting Video Gallery by Total-Soft. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Video Gallery by Total-Soft is a media management application for organizing and displaying video content. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by three recorded CVEs. The software's security posture has been compromised through insufficient input validation and improper access controls, allowing attackers to execute arbitrary code, manipulate user sessions, or gain elevated privileges. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations deploying this application without proper hardening and monitoring.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-25988 | WordPress Video Gallery – YouTube Gallery plugin <= 1.7.6 - Broken Access Control vulnerability — Video Gallery – YouTube GalleryCWE-862 | 7.5 | High | 2024-12-13 |
| CVE-2023-45069 | WordPress Video Gallery – YouTube Gallery Plugin <= 2.1.3 is vulnerable to SQL Injection — Video Gallery – Best WordPress YouTube Gallery PluginCWE-89 | 7.6 | High | 2023-11-06 |
| CVE-2023-25979 | WordPress Video Gallery – YouTube Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS) — Video GalleryCWE-79 | 5.9 | Medium | 2023-05-03 |
This page lists every published CVE security advisory associated with Video Gallery by Total-Soft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.