Improper Input Validation Vulnerability in GalleryCreator's SimpLy Gallery Plugin
CVE-2026-25345
9.9CRITICAL
What is CVE-2026-25345?
An improper validation issue in the SimpLy Gallery plugin allows users to interact with functionalities that are inadequately constrained by Access Control Lists (ACLs). This vulnerability can lead to unauthorized access, where attackers can exploit the plugin and potentially execute arbitrary code on affected WordPress sites using versions up to and including 3.3.2. It emphasizes the need for proper validation mechanisms to ensure the security of user inputs.
Affected Version(s)
SimpLy Gallery 0 <= 3.3.2