Skyphe

skyphe

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

File Gallery

file-gallery

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-48771 1Skyphe 1File Gallery Apr 28, 2026 Dec 14, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno "Aesqe" Babic File Gallery allows Reflected XSS.This issue affects File Gallery: from n/a through 1.8.5.4.
CVE-2014-2558 1Skyphe 1File Gallery May 6, 2026 May 6, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/option...Show more The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the create_function function.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-48771

1Skyphe

1File Gallery

Apr 28, 2026

Dec 14, 2023

N/A· v4

6.1 MEDIUM· v3

N/A· v2

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno "Aesqe" Babic File Gallery allows Reflected XSS.This issue affects File Gallery: from n/a through 1.8.5.4.

CVE-2014-2558

1Skyphe

1File Gallery

May 6, 2026

May 6, 2014

N/A· v4

N/A· v3

6.5 MEDIUM· v2

The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/option...Show more