🦸 Calling all superheroes! Introducing the WordPress Superhero Challenge for the Wordfence Bug Bounty Program: Earn up to $31,200 for High Impact Vulnerabilities! Through October 14th, 2024, all vulnerabilities reported in plugins or themes with >= 5,000,000 active installs will be 3x our highest bounty rewards making our top reward $31,200. Check out the updated bounties here!

Gmedia Photo Gallery

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Gmedia Photo Gallery

Information

Software Type	Plugin
Software Slug	grand-media (view on wordpress.org)
Software Status	Active
Software Author	pasyuk
Software Website	wordpress.org
Software Downloads	998,771
Software Active Installs	10,000
Software Record Last Updated	September 20, 2024

8 Vulnerabilities

Submit a Vulnerability

Gmedia Photo Gallery < 1.20.0 - Authenticated (Admin+) Stored Cross-Site Scripting

5.5

CVE-2022-0873

Apr 25, 2022

Researcher: Kaushalendra Dubey

Gmedia Photo Gallery <= 1.18.4 - Cross-Site Scripting

6.1

CVE ID Unknown

Apr 27, 2020

Researcher: Vishnupriya Ilango

Gmedia Photo Gallery <= 1.6.4 - Cross-Site Scripting

6.1

CVE ID Unknown

May 27, 2015

Researcher: Chad Seaman

Gmedia Photo Gallery <= 1.6.4 - Open Proxy

5.8

CVE-2015-4339

May 27, 2015

Researcher: Chad Seaman

Gmedia Photo Gallery <= 1.6.4 - Denial of Service

7.5

CVE ID Unknown

May 27, 2015

Researcher: Chad Seaman

Gmedia Photo Gallery <= 1.6.4 - Local File Inclusion

9.8

CVE ID Unknown

May 27, 2015

Researcher: Chad Seaman

Gmedia Photo Gallery < 1.2.2 - Arbitrary File Upload

9.8

CVE ID Unknown

Aug 2, 2014

Researcher: Claudio Viviani

Gmedia Photo Gallery < 0.9.4 - Reflected Cross-Site Scripting

6.1

CVE ID Unknown

May 25, 2014

Researcher: Prajal Kulkarni

Title	Status	CVE ID	CVSS	Researchers	Date
Gmedia Photo Gallery < 1.20.0 - Authenticated (Admin+) Stored Cross-Site Scripting	Patched	CVE-2022-0873	5.5	Kaushalendra Dubey	April 25, 2022
Gmedia Photo Gallery <= 1.18.4 - Cross-Site Scripting	Patched		6.1	Vishnupriya Ilango	April 27, 2020
Gmedia Photo Gallery <= 1.6.4 - Cross-Site Scripting	Patched		6.1	Chad Seaman	May 27, 2015
Gmedia Photo Gallery <= 1.6.4 - Open Proxy	Patched	CVE-2015-4339	5.8	Chad Seaman	May 27, 2015
Gmedia Photo Gallery <= 1.6.4 - Denial of Service	Patched		7.5	Chad Seaman	May 27, 2015
Gmedia Photo Gallery <= 1.6.4 - Local File Inclusion	Patched		9.8	Chad Seaman	May 27, 2015
Gmedia Photo Gallery < 1.2.2 - Arbitrary File Upload	Patched		9.8	Claudio Viviani	August 2, 2014
Gmedia Photo Gallery < 0.9.4 - Reflected Cross-Site Scripting	Patched		6.1	Prajal Kulkarni	May 25, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation