{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24964", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-28T09:50:35.465Z", "datePublished": "2026-03-25T16:14:33.077Z", "dateUpdated": "2026-03-26T20:15:37.741Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "contest-gallery", "product": "Contest Gallery", "vendor": "Wasiliy Strecker / ContestGallery developer", "versions": [{"changes": [{"at": "28.1.2.2", "status": "unaffected"}], "lessThanOrEqual": "<= 28.1.2.1", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "lilmingwa13 | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:14.285Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.<p>This issue affects Contest Gallery: from n/a through <= 28.1.2.1.</p>"}], "value": "Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.This issue affects Contest Gallery: from n/a through <= 28.1.2.1."}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "Server Side Request Forgery"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:33.077Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-2-1-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "title": "WordPress Contest Gallery plugin <= 28.1.2.1 - Server Side Request Forgery (SSRF) vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T20:14:33.369452Z", "id": "CVE-2026-24964", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T20:15:37.741Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.This issue affects Contest Gallery: from n/a through <= 28.1.2.1."}], "id": "CVE-2026-24964", "lastModified": "2026-03-25T17:16:38.523", "metrics": {}, "published": "2026-03-25T17:16:38.523", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-2-1-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "audit@patchstack.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,28.1.2.1]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "28.1.2.2"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Contest Gallery", "source": "cna", "vendor": "Wasiliy Strecker / ContestGallery developer"}, "product": "contest_gallery", "vendor": "wasiliy_strecker_/_contestgallery_developer"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-25T19:52:14.422936+00:00", "value": {"mitigation_remediation": ["Update Contest Gallery to a version newer than 28.1.2.1", "If an immediate update is not possible, disable the Contest Gallery plugin or restrict its network access to trusted domains only", "Monitor web traffic for unexpected outbound requests originating from the plugin's endpoints"], "summary": {"action": "Patch", "impact": "Server-side request hijacking"}, "threat_synthesis": {"affected_systems": "WordPress installations that employ the Wasiliy Strecker Contest Gallery plugin up to and including version 28.1.2.1 are affected. All releases within that version range are vulnerable.", "description_and_impact": "The contest-gallery plugin version 28.1.2.1 and earlier contains a server\u2011side request forgery flaw that allows attackers to compel the WordPress server to fetch arbitrary URLs. This weakness can be exploited to probe internal network endpoints, exfiltrate data, or deliver malicious resources to the server, potentially compromising confidentiality and integrity of stored data. The vulnerability is categorized as CWE\u2011918.", "risk_and_exploitability": "The CVSS score is not provided, and the EPSS score is unavailable, making it difficult to quantify the exact severity; the vulnerability is also not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker who can input arbitrary URLs into a vulnerable API or form endpoint\u2014whether unauthenticated or authenticated\u2014can leverage the plugin to turn the site into a proxy. The potential impact of such SSRF is high, as it can allow internal scanning, access to privileged services, or further exploitation of downstream systems. Timely remediation is strongly advised even though no publicly disclosed exploits are known."}}}}, "created": "2026-03-25T21:34:42.013086+00:00", "updated": "2026-03-26T11:39:56.544555+00:00", "vendors": ["wasiliy_strecker_/_contestgallery_developer", "wasiliy_strecker_/_contestgallery_developer$PRODUCT$contest_gallery", "wordpress", "wordpress$PRODUCT$wordpress"]}