Is "Gallery" safe?

WordPress Plugin security and safety information.

Rating: Good (current version safe) Recommendations

Gallery: Plugin Details

Type: Plugin
Author: WebDorado
Latest Version: 1.5.69


Gallery: Security Information

Insecure versions: Up To 1.5.68
Known since: 2021-02-23 12:21:05
Description: Multiple reflected cross-site scripting vulnerabilities in Photo Gallery (10Web Photo Gallery) plugin before 1.5.69 allows an attacker to inject arbitrary javascript to any site where plugin is used.

Insecure versions: Up To 1.5.67
Known since: 2021-02-04 18:06:54

Insecure versions: Up To 1.5.53
Known since: 2020-05-20 03:31:09
Description: SQL injection in the Photo Gallery (10Web Photo Gallery) plugin before 1.5.55 exists via the frontend/models/model.php bwg_search_x parameter.

Insecure versions: Up To 1.5.45
Known since: 2020-02-26 14:19:13

Insecure versions: Up To 1.2.8
Known since: 2020-02-26 14:16:40

Insecure versions: Up To 1.5.34
Known since: 2019-09-10 02:23:18

Insecure versions: Up To 1.5.30
Known since: 2019-07-28 15:39:32

Insecure versions: Up To 1.5.22
Known since: 2019-06-21 17:51:10

Insecure versions: Up To 1.5.24
Known since: 2019-06-21 17:51:03

Insecure versions: Up To 1.3.66
Known since: 2018-02-26 14:19:17

Insecure versions: Up To 1.3.50
Known since: 2017-08-26 14:11:35

Insecure versions: Up To 1.3.42
Known since: 2017-06-22 15:34:43

Insecure versions: Up To 1.3.35
Known since: 2017-05-06 13:17:03

Insecure versions: Up To 1.1.30
Known since: 2015-11-25 04:40:53

Insecure versions: Up To 1.1.30
Known since: 2015-11-25 04:40:53


Gallery: Safety Recommendations

We have rated Gallery as Good (current version safe) which means that we have found vulnerabilities in older versions.

We recommend that you only use the latest version of Gallery.

Gallery: Staying Up-to-date

Make sure your installation of Gallery is safe with the following free Jetpack services for WordPress sites:
  • Updates & Management
    Turn on auto-updates for Gallery or manage in bulk.
  • Prevent Infiltrations
    Automatic protection against brute force attacks and secure sign on.

Choose Your Plan

Gallery: Keeping Safe

If you're running a business, ecommerce, news, or other critical website, Jetpack also provides additional indispensable services:
  • Automated Backups
    Full backup of your entire site with unlimited storage space.
  • Restores & Migrations
    Restore or migrate your site from a backup with one click.
  • Security Scanning
    Regular, automated scans of your site for malware, threats, and hacks.
  • Expert Support
    Fast, priority support for any WordPress security issue.

Choose Your Plan

About this information

This WordPress security information is part of our security library and is brought to you by Jetpack as part of our committment to a safer WordPress experience.

If you have any questions, please do not hesitate to contact us.