InPost Gallery

Vulnerabilities 11Slug inpost-galleryLatest version 2.1.5WordPress.org →

Minimum safe version

2.1.5

Update to 2.1.5 or later to address 11 fixable vulnerabilities

Latest available2.1.5 ✓

N/A

2026-04-20< 2.1.5

InPost Gallery <= 2.1.4.6 - Unauthenticated SQL Injection

Wordfence CVE

High 7.5

2025-09-05< 2.1.4.6

CVE-2025-57889

CVE EUVD Wordfence

Medium 4.3

2025-04-15< 2.1.4.4

CVE-2025-26903

CVE EUVD Patchstack Wordfence

Medium 6.3

2024-11-26< 2.1.4.3

CVE-2024-11002

CVE Wordfence Patchstack

N/A

< 2.1.2.1

InPost Gallery <= 2.1.2 - LFI & Authenticated Stored XSS

WPScan

Medium 5.4

2023-04-12< 2.1.4.2

WordPress InPost Gallery Plugin <= 2.1.4.1 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

N/A

2016-10-18< 2.1.2.1

InPost Gallery <= 2.1.2 - Cross-Site Scripting

Wordfence

N/A

2016-10-20< 2.1.2.1

InPost Gallery < 2.1.2.1 - Local File Inclusion

Wordfence

Critical 9.8

2022-12-19< 2.1.4.1

CVE-2022-4063

CVE Wordfence WPScan

N/A

2016-10-20< 2.1.2.1

WordPress InPost Gallery Plugin <= 2.1.2 - Local File Inclusion (LFI) Vulnerability

Patchstack

N/A

2016-10-20< 2.1.2.1

WordPress InPost Gallery plugin <= 2.1.2 - Authenticated Persistent Cross-Site (XSS) Vulnerability

Patchstack