Vulnerabilities

CVE-2025-15466 - Image Photo Gallery Final Tiles Grid <= 3.6.9 - missing authorization to authent...

2026-01-20 0 views admin

CVE ID : CVE-2025-15466 Published : Jan. 19, 2026, 11:21 p.m. | 1 hour, 6 minutes ago Description : The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on multiple AJAX actions in all versions up to, and including, 3.6.9. This makes it possible for authenticated attackers, with Contributor-level access and above, to view, create, modify, clone, delete, and reassign ownership of galleries created by other users, including administrators. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15466

Published

Jan. 19, 2026

Affected Product: WordPress

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15466wordpress

CVE-2025-15466 - Image Photo Gallery Final Tiles Grid <= 3.6.9 - missing authorization to authent...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-14533 - Advanced Custom Fields: Extended <= 0.9.2.1 - unauthenticated privilege escalati...

CVE-2025-41084 - Stored Cross-Site Scripting (XSS) in Sesame web application

CVE-2025-66523 - Reflected Cross-Site Scripting (XSS) Vulnerability in na1.foxitesign.foxit.com v...

CVE-2026-1223 - BROWAN COMMUNICATIONS ｜PrismX MX100 AP controller - Insufficiently Protected Cred...

Trending

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

Tech: Data is the only moat

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

Tech: AWS European Sovereign Cloud

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3