Awplife

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-24529 1Awplife 1Grid Gallery Jun 17, 2026 Aug 23, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cros...Show more The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cross-Site Scripting vulnerability.Show less
CVE-2019-17072 1Awplife 1Contact Form Widget Jun 17, 2026 Oct 10, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-24529

1Awplife

1Grid Gallery

Jun 17, 2026

Aug 23, 2021

N/A· v4

5.4 MEDIUM· v3

3.5 LOW· v2

The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for image galleries when adding them via the admin dashboard, resulting in an authenticated Stored Cros...Show more

CVE-2019-17072

1Awplife

1Contact Form Widget

Jun 17, 2026

Oct 10, 2019

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php.

Previous 12