{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25345", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-02T12:52:42.958Z", "datePublished": "2026-03-25T16:14:42.721Z", "dateUpdated": "2026-03-27T14:31:37.994Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "simply-gallery-block", "product": "SimpLy Gallery", "vendor": "GalleryCreator", "versions": [{"changes": [{"at": "3.3.2.1", "status": "unaffected"}], "lessThanOrEqual": "<= 3.3.2", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "mcdruid | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:21.823Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.<p>This issue affects SimpLy Gallery: from n/a through <= 3.3.2.</p>"}], "value": "Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through <= 3.3.2."}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "Accessing Functionality Not Properly Constrained by ACLs"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1284", "description": "Improper Validation of Specified Quantity in Input", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:42.721Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/simply-gallery-block/vulnerability/wordpress-simply-gallery-plugin-3-3-2-arbitrary-code-execution-vulnerability?_s_id=cve"}], "title": "WordPress SimpLy Gallery plugin <= 3.3.2 - Arbitrary Code Execution vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T14:31:11.153457Z", "id": "CVE-2026-25345", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T14:31:37.994Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25345", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-27T14:31:11.153457Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T14:28:08.498Z"}}], "cna": {"title": "WordPress SimpLy Gallery plugin <= 3.3.2 - Arbitrary Code Execution vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "mcdruid | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "Accessing Functionality Not Properly Constrained by ACLs"}]}], "affected": [{"vendor": "GalleryCreator", "product": "SimpLy Gallery", "versions": [{"status": "affected", "changes": [{"at": "3.3.2.1", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 3.3.2"}], "packageName": "simply-gallery-block", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:21.823Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/simply-gallery-block/vulnerability/wordpress-simply-gallery-plugin-3-3-2-arbitrary-code-execution-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through <= 3.3.2.", "supportingMedia": [{"type": "text/html", "value": "Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.<p>This issue affects SimpLy Gallery: from n/a through <= 3.3.2.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1284", "description": "Improper Validation of Specified Quantity in Input"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:42.721Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25345", "state": "PUBLISHED", "dateUpdated": "2026-03-27T14:31:37.994Z", "dateReserved": "2026-02-02T12:52:42.958Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:42.721Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through <= 3.3.2."}, {"lang": "es", "value": "Validaci\u00f3n Incorrecta de Cantidad Especificada en la Entrada vulnerabilidad en GalleryCreator SimpLy Gallery simply-gallery-block permite Acceder a Funcionalidad No Restringida Adecuadamente por ACLs. Este problema afecta a SimpLy Gallery: desde n/a hasta &lt;= 3.3.2."}], "id": "CVE-2026-25345", "lastModified": "2026-03-30T13:27:12.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:45.213", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/simply-gallery-block/vulnerability/wordpress-simply-gallery-plugin-3-3-2-arbitrary-code-execution-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.3.2]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "SimpLy Gallery", "source": "cna", "vendor": "GalleryCreator"}, "product": "simply_gallery", "vendor": "gallerycreator"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-27T16:27:05.682972+00:00", "value": {"mitigation_remediation": ["Update SimpLy Gallery to version 3.3.3 or later. If upgrading is not immediately possible, disable or remove the plugin to eliminate the threat. Ensure that any remaining installations are not exposed to unauthenticated users by restricting access to the relevant administrative pages."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary Code Execution"}, "threat_synthesis": {"affected_systems": "Vendor GalleryCreator distributes the SimpLy Gallery WordPress plugin. Any installation of the plugin from the initial release through version 3.3.2 is affected. Administrators are encouraged to check the plugin version they have deployed and compare it against the stated limit.", "description_and_impact": "The vulnerability arises from improper validation of a quantity value supplied by a user. This oversight allows an attacker to call protected functions that are not properly constrained by access control lists, leading to the ability to execute arbitrary code within the WordPress environment. The weakness is a direct example of an input validation flaw.", "risk_and_exploitability": "A CVSS score of 9.9 indicates critical severity, while an EPSS score of less than 1% suggests low current exploit probability. The vulnerability is not listed in the CISA KEV database, implying no confirmed exploits in the wild yet. An attacker would likely leverage HTTP requests crafted to submit an unvalidated quantity, thereby triggering the ACL bypass and code execution. The attack vector is inferred to be remote, via a web request, and would require the attacker to have access to the front\u2011end or an authenticated user session to submit the malicious input."}}}}, "created": "2026-03-25T21:45:06.187580+00:00", "updated": "2026-03-27T20:26:23.974388+00:00", "vendors": ["gallerycreator", "gallerycreator$PRODUCT$simply_gallery", "wordpress", "wordpress$PRODUCT$wordpress"]}