Image Photo Gallery Final Tiles Grid

WP Chill

Developer

3.6.13

Latest version

20,000

Installations

No date

Last updated

WordPress Plugin

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

0 present

12 patched

5 Mitigation rules

Broken Access Control vulnerability
<= 3.6.10
18/02/2026
Missing Authorization to Authenticated (Contributor+) Arbitrary Gallery Management vulnerability
<= 3.6.9
19/01/2026
Authenticated (Author+) Stored Cross-Site Scripting via 'Custom Scripts' Setting vulnerability
<= 3.6.8
31/12/2025
Missing Authorization to Authenticated (Contributor+) Gallery Management vulnerability
<= 3.6.7
18/12/2025
Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
<= 3.6.0
26/02/2025
Contributor+ Stored XSS vulnerability
< 3.6.0
15/07/2024
Reflected Cross Site Scripting (XSS) vulnerability
<= 3.5.6
19/07/2023
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
<= 3.5.4
28/02/2022
Sensitive Information Disclosure vulnerability
<= 3.5.4
28/02/2022
Stored Cross-Site Scripting (XSS) vulnerability
<= 3.5.2
18/01/2022
Authenticated Stored Cross-Site Scripting (XSS) vulnerability
<= 3.4.18
28/05/2020
Authenticated Option Update vulnerability (Fremius Library security issue)
<= 3.3.52
02/03/2019