Envira Photo Gallery

Syed Balkhi

Developer

1.12.1

Latest version

100,000

Installations

6 days ago

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

10 fixed

3 Mitigation rules

Missing Authorization to Authenticated (Author+) Multiple Gallery Actions vulnerability
<= 1.12.0
6 days ago
Missing Authorization to Authenticated (Contributor+) Gallery Conversion vulnerability
<= 1.11.0
Nov 10, 2025
Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library
<= 1.8.15
Dec 3, 2024
Author+ Stored XSS vulnerability
< 1.8.15
Sep 11, 2024
Broken Access Control vulnerability
<= 1.8.14
Aug 26, 2024
CSRF leading to notice dismissal vulnerability
<= 1.8.7.3
Jun 20, 2024
Missing Authorization to Gallery Modification vulnerability
<= 1.8.7.2
Jan 8, 2024
Reflected Cross-Site Scripting (XSS) vulnerability
<= 1.8.4.6
Oct 10, 2022
Authenticated Stored Cross-Site Scripting (XSS) vulnerability
<= 1.8.3.2
Dec 19, 2020
Authenticated Stored Cross-Site Scripting (XSS) vulnerability
<= 1.7.6
Feb 25, 2020