Wpchill Modula Image Gallery — known CVE vulnerabilities
Every CVE whose affected-product data names Wpchill Modula Image Gallery, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-12853 — CVSS 8.8 (high): The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload…
CVE-2025-13646 — CVSS 7.5 (high): The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the…
CVE-2025-13645 — CVSS 7.2 (high): The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the…
CVE-2024-9416 — CVSS 6.4 (medium): The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript…
CVE-2020-9003 — CVSS 5.4 (medium): A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this…