- Description
- FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php.
- Source
- help@fluidattacks.com
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 6.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
- help@fluidattacks.com
- CWE-79
- Hype score
- Not currently trending
Our #researchteam found a #zeroday vulnerability in FooGallery. As a #CNA, we assigned the CVE-2025-22624. Details here: 🔗 https://t.co/SmtLyvXpdn. We have disclosed 191 #CVE to this date: 🔗https://t.co/gJf0vsgJQ1 #WeHackYourSoftware #AppSec https://t.co/fsOHJx6UII
@fluidattacks
15 Jul 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-22624 🟠 MEDIUM (6.4) 🏢 bradvin - FooGallery - Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel 🏗️ 2.4.29 🔗 https://t.co/EpihAzgTau 🔗 https://t.co/lxzkTRGdCE #CyberCron #VulnAlert https://t.co/Fc321qvvbX
@cybercronai
1 Mar 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-22624 | bradvin FooGallery 2.4.29 class-meta boxes.php cross site scripting) has been published on https://t.co/hfbCYIO6IM
@WolfgangSesin
28 Feb 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes