{"cve":{"cve_id":"CVE-2025-22624","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00384,"epss_percentile":0.30067,"epss_as_of":"2026-06-23","description":"FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php.","published_at":"2025-02-27T18:26:27.030000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":5.1,"cvss_v4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N","cvss_v4_severity":"MEDIUM","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-79"],"nvd_references":["https://fluidattacks.com/advisories/skims-10/","https://wordpress.org/plugins/foogallery/"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:25:47.692744Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"A","value_label":"Active"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"N","value_label":"None"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"N","value_label":"None"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SA","name":"Availability (Subsequent System)","value":"N","value_label":"None"}]},"affected":[{"vendor_slug":"bradvin","vendor_name":"bradvin","product_slug":"foogallery-responsive-photo-gallery-image-viewer-justified-masonry-carousel","product_name":"FooGallery - Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel","version_start":"2.4.29","version_start_inclusive":true,"version_end":"2.4.29","version_end_inclusive":true,"cpe23_uri":"cve5:bradvin:foogallery-responsive-photo-gallery-image-viewer-justified-masonry-carousel:2.4.29:2.4.29"}],"exploit_refs":[],"news":[],"references":[{"url":"https://fluidattacks.com/advisories/skims-10/","source_type":"VENDOR_ADVISORY","tags":["advisory"]},{"url":"https://wordpress.org/plugins/foogallery/","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-02-27T18:26:27.030000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:43:32.919262Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:43:32.919262Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:43:32.919262Z","label":"CVSS score revised","source":"cvelistv5"}]}