Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress

Vulnerabilities 12Slug gallery-pluginLatest version 4.7.7WordPress.org →

Minimum safe version

4.7.4

Update to 4.7.4 or later to address 12 fixable vulnerabilities

Latest available4.7.7 ✓

High 7.2

2025-03-07< 4.7.4

CVE-2024-13906

CVE EUVD Patchstack Wordfence

N/A

< 3.1.1

Gallery 3.06 - Unauthenticated File Upload PHP Code Execution

WPScan

High 8.8

2023-04-17< 4.7.0

CVE-2023-0765

CVE Patchstack Wordfence WPScan

Medium 5.4

2023-04-17< 4.7.0

CVE-2023-0764

CVE Patchstack Patchstack Wordfence WPScan

N/A

2023-03-27< 4.7.0

WordPress Gallery Plugin <= 4.6.9 is vulnerable to Cross Site Scripting (XSS)

Patchstack

N/A

2023-03-23< 4.7.0

Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress <= 4.6.9 - Authenticated (Administrator+) Stored Cross-Site Scripting

Wordfence

N/A

2017-04-12< 4.5.0

Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress < 4.5.0 - Reflected Cross-Site Scripting

Wordfence

N/A

< 4.5.0

Multiple BestWebSoft Plugins - Authenticated Cross-Site Scripting (XSS)

WPScan

N/A

2015-05-15< 3.8.4

WordPress Gallery Plugin <= 3.8.3 - Arbitrary File Access

Patchstack

N/A

2013-01-10< 3.8.4

WordPress Gallery Plugin - Remote Arbitrary File Access

Patchstack

N/A

2012-06-06< 3.07

WordPress Gallery Plugin 3.06 - Arbitrary File Upload

Patchstack

Medium 6.1

2017-05-22< 4.5.0

CVE-2017-2171

CVE JVN