Gallery by FooGallery

CVE-2024-13362

CVE-2026-25362

CVE-2026-25363

CVE-2025-15524

FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

CVE-2024-12119

CVE-2024-12114

WordPress FooGallery Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS)

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE-2024-2122

CVE-2024-2762

CVE-2024-2081

CVE-2024-2471

CVE-2024-0604

CVE-2023-44233

CVE-2023-44244

WordPress FooGallery Plugin < 2.2.44 is vulnerable to Cross Site Scripting (XSS)

FooGallery &lt; 1.9.25 - Authenticated Cross-Site Scripting (XSS)

CVE-2023-29439

Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update

FooGallery <= 1.9.24 - Authenticated Cross-Site Scripting

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Freemius Library &lt; 2.2.4 - Subscriber+ Arbitrary Option Update

Unauthorised AJAX Calls via Freemius

WordPress FooGallery plugin <= 1.6.15 - Authenticated Option Update vulnerability (Fremius Library security issue)

WordPress FooGallery plugin <= 1.9.24 - Authenticated Cross-Site Scripting (XSS) vulnerability

WordPress FooGallery plugin <= 2.1.33 - Sensitive Information Disclosure vulnerability

WordPress FooGallery plugin <= 2.1.33 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

FooGallery <= 1.8.12 - Cross-Site Scripting

CVE-2021-24357