Plugins360 All-in-one Video Gallery — known CVE vulnerabilities
Every CVE whose affected-product data names Plugins360 All-in-one Video Gallery, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-2633 — CVSS 7.5 (high): The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and blind server-side request forgery via the…
CVE-2021-24970 — CVSS 7.2 (high): The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require…
CVE-2024-6629 — CVSS 6.4 (medium): The All-in-One Video Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video shortcode in all…
CVE-2024-31248 — CVSS 4.3 (medium): Missing Authorization vulnerability in Team Plugins360 All-in-One Video Gallery.This issue affects All-in-One Video Gallery: from n/a…