All-in-One Video Gallery

Plugins360 Labs

Developer

4.6.4

Latest version

20,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

10 fixed

6 Mitigation rules

Authenticated (Author+) Arbitrary File Upload vulnerability
4.5.4-4.5.7
Dec 8, 2025
Authenticated (Contributor+) Stored Cross-Site Scripting via Video Shortcode vulnerability
<= 3.7.1
Jul 24, 2024
Authenticated (Contributor+) Local File Inclusion via aiovg_search_form Shortcode vulnerability
<= 3.6.5
May 15, 2024
Authenticated (Contributor+) Arbitrary File Upload via featured image vulnerability
<= 3.6.4
May 1, 2024
Broken Access Control vulnerability
<= 3.5.2
Apr 5, 2024
Reflected Cross Site Scripting (XSS) vulnerability
< 3.4.3
Jul 18, 2023
Unauthenticated Arbitrary File Download & SSRF vulnerability
2.5.8-2.6.0
Aug 18, 2022
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
< 2.5.4
Feb 28, 2022
Sensitive Information Disclosure vulnerability
< 2.5.4
Feb 28, 2022
Local File Inclusion (LFI) vulnerability
<= 2.4.9
Nov 15, 2021