Modula Image Gallery

WP Chill

Developer

2.13.4

Latest version

100,000

Installations

No date

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

10 fixed

6 Mitigation rules

Missing Authorization to Authenticated (Author+) Arbitrary Gallery Modification vulnerability
<= 2.13.3
2 days ago
Authenticated (Author+) Arbitrary File Upload via Race Condition vulnerability
2.13.1-2.13.2
Dec 3, 2025
Authenticated (Author+) Arbitrary File Deletion vulnerability
2.13.1-2.13.2
Dec 3, 2025
Improper Authorization to Authenticated (Author+) Arbitrary Image File Move vulnerability
<= 2.12.28
Nov 14, 2025
Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox 5 JavaScript Library vulnerability
<= 2.10.1
Apr 3, 2025
Authenticated (Author+) Arbitrary File Upload vulnerability
<= 2.11.10
Jan 7, 2025
Incomplete Authorization via 'save_image' and 'save_images' vulnerability
< 2.7.5
Sep 12, 2023
Unauth. Plugin Settings Change vulnerability
<= 2.6.9
Oct 28, 2022
Reflected Cross-Site Scripting (XSS) vulnerability
<= 2.6.6
Jun 6, 2022
Authenticated Stored Cross-Site Scripting (XSS) vulnerability
<= 2.2.4
Feb 19, 2020