Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

fooplugins — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting fooplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

FooPlugins develops WordPress security and optimization plugins, with 17 CVEs recorded to date. Historically, vulnerabilities have commonly included remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and access control flaws. Security researchers have identified multiple instances where improper sanitization allowed attackers to execute arbitrary code or manipulate plugin functionality. While no major public breaches have been widely documented, the consistent pattern of vulnerabilities in their products highlights ongoing challenges in secure coding practices. Users are advised to maintain current versions and implement additional security layers to mitigate potential risks.

Found 8 results / 17Clear Filters
Top products by fooplugins: Gallery by FooGallery FooGallery Lightbox & Modal Popup WordPress Plugin – FooBox Best Image Gallery & Responsive Photo Gallery – FooGallery Best WordPress Gallery Plugin – FooGallery FooBox Image Lightbox
CVE IDTitleCVSSSeverityPublished
CVE-2025-15524 Gallery by FooGallery <= 3.1.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Gallery Metadata Exposure — Gallery by FooGalleryCWE-862 4.3 Medium2026-02-11
CVE-2025-6068 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — Gallery by FooGalleryCWE-79 6.4 Medium2025-07-11
CVE-2024-12114 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Post/Page Updates — Gallery by FooGalleryCWE-639 4.3 Medium2025-03-08
CVE-2024-12119 FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.29 - Authenticated (Custom+) Stored Cross-Site Scripting via Album Title Size — Gallery by FooGalleryCWE-79 6.4 Medium2025-03-08
CVE-2024-2122 FooGallery <= 2.4.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Custom URL — Gallery by FooGalleryCWE-79 6.4 Medium2024-06-14
CVE-2024-2081 FooGallery <= 2.4.14 - Authenticated (Author+) Stored Cross-Site Scripting — Gallery by FooGalleryCWE-79 6.4 Medium2024-04-09
CVE-2024-2471 FooGallery <= 2.4.14 - Authenticated (Author+) Stored Cross-Site Scripting via Image Attachment Fields — Gallery by FooGalleryCWE-79 6.4 Medium2024-04-06
CVE-2024-0604 Best WordPress Gallery Plugin – FooGallery <= 2.4.7 -Authenticated(Administrator+) Stored Cross-Site Scripting via settings — Gallery by FooGalleryCWE-79 4.4 Medium2024-02-20

This page lists every published CVE security advisory associated with fooplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.