All-in-One Video Gallery
Plugins360 Labs
Developer
4.7.5
Latest version
20,000
Installations
No date
Last updated
Vulnerability history
0 present
14 patched
9 Mitigation rules
- Reflected Cross-Site Scripting via 'vi' Parameter vulnerability<= 4.7.104/03/2026
- Authenticated (Author+) Arbitrary File Upload via VTT Upload Bypass vulnerability<= 4.5.703/02/2026
- Missing Authorization to Authenticated (Subscriber+) Limited User Meta Update vulnerability4.1.0-4.6.424/01/2026
- Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion vulnerability<= 4.6.423/01/2026
- Arbitrary File Upload vulnerability<= 4.5.708/12/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Video Shortcode vulnerability<= 3.7.124/07/2024
- Authenticated (Contributor+) Local File Inclusion via aiovg_search_form Shortcode vulnerability<= 3.6.515/05/2024
- Authenticated (Contributor+) Arbitrary File Upload via featured image vulnerability<= 3.6.401/05/2024
- Broken Access Control vulnerability<= 3.5.205/04/2024
- Reflected Cross Site Scripting (XSS) vulnerability< 3.4.318/07/2023
- Unauthenticated Arbitrary File Download & SSRF vulnerability2.5.8-2.6.018/08/2022
- Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability< 2.5.428/02/2022
- Sensitive Information Disclosure vulnerability< 2.5.428/02/2022
- Local File Inclusion (LFI) vulnerability<= 2.4.915/11/2021