Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Wasiliy Strecker / ContestGallery developer — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting Wasiliy Strecker / ContestGallery developer. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wasiliy Strecker develops ContestGallery, a WordPress plugin for managing photo and video contests. Historically, the plugin has been vulnerable to multiple security issues, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, contributing to 13 CVEs. Common weaknesses involve insufficient input validation and improper access controls. In 2023, a critical flaw allowed unauthenticated attackers to execute arbitrary code, leading to widespread exploitation. The plugin's frequent updates and complex functionality have introduced recurring security challenges, making it a persistent target for attackers. Strecker's codebase often requires immediate patching due to high-impact vulnerabilities affecting thousands of WordPress sites.

Top products by Wasiliy Strecker / ContestGallery developer: Contest Gallery
CVE IDTitleCVSSSeverityPublished
CVE-2026-25035 WordPress Contest Gallery plugin <= 28.1.2.2 - Account Takeover vulnerability — Contest GalleryCWE-288 9.8 Critical2026-03-25
CVE-2026-24964 WordPress Contest Gallery plugin <= 28.1.2.1 - Server Side Request Forgery (SSRF) vulnerability — Contest GalleryCWE-918 6.4 Medium2026-03-25
CVE-2026-24965 WordPress Contest Gallery plugin <= 28.1.1 - Broken Access Control vulnerability — Contest GalleryCWE-862 4.3 Medium2026-02-03
CVE-2025-62950 WordPress Contest Gallery plugin <= 28.0.0 - Cross Site Request Forgery (CSRF) vulnerability — Contest GalleryCWE-352 4.3 Medium2025-11-06
CVE-2025-48291 WordPress Contest Gallery <= 26.0.6 - Cross Site Scripting (XSS) Vulnerability — Contest GalleryCWE-79 7.1 High2025-07-16
CVE-2025-22693 WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability — Contest GalleryCWE-89 7.6 High2025-02-03
CVE-2024-56237 WordPress Contest Gallery plugin <= 24.0.3 - Cross Site Scripting (XSS) vulnerability — Contest GalleryCWE-79 5.9 Medium2025-01-02
CVE-2024-43283 WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerability — Contest GalleryCWE-201 5.3 Medium2024-08-26
CVE-2024-39631 WordPress Contest Gallery plugin <= 23.1.2 - Cross Site Scripting (XSS) vulnerability — Contest GalleryCWE-79 7.1 High2024-08-01
CVE-2024-32778 WordPress Contest Gallery plugin <= 21.3.4 - Arbitrary File Deletion vulnerability — Contest GalleryCWE-22 8.5 High2024-06-09
CVE-2024-30428 WordPress Contest Gallery plugin <= 24.0.3 - Reflected Cross Site Scripting (XSS) vulnerability — Contest GalleryCWE-79 7.1 High2024-03-29
CVE-2024-30236 WordPress Contest Gallery plugin <= 21.3.4 - SQL Injection vulnerability — Contest GalleryCWE-89 8.5 High2024-03-28
CVE-2024-30238 WordPress Photos and Files Contest Gallery plugin <= 21.3.2 - SQL Injection vulnerability — Contest GalleryCWE-89 8.5 High2024-03-27

This page lists every published CVE security advisory associated with Wasiliy Strecker / ContestGallery developer. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.