bPlugins 3D Image Gallery Missing Authorization Vulnerability

Vulnerability

A missing authorization vulnerability has been identified in the bPlugins Image Gallery block, specifically in versions through 1.0.7. This vulnerability allows users to access functionality that is not properly restricted by access control lists (ACLs), potentially leading to unauthorized actions within the gallery management features.

Impact

Exploitation of this vulnerability could result in unauthorized access to gallery creation and management functions, allowing users to manipulate photo galleries or albums without proper authorization.

Added: Nov 6, 2025, 5:05 PM

Updated: Nov 6, 2025, 9:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

bPlugins 3D Image Gallery Missing Authorization Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating