Kitgenix Plugin Score

contest-gallery

Slug: contest-gallery · · 0+

Not updated in last 3 months

Overall Score

Scan this plugin to generate a full score report

--
Not Yet Scanned

What this score means

Scores are calculated on a 100-point scale by analysing six weighted categories: Security, WP.org Readiness, Performance, Code Quality, Accessibility, and Vulnerabilities. Open vulnerabilities are weighted by severity, CVSS, and patch availability, and incomplete source data can reduce confidence slightly.

  • Excellent The plugin follows best practices across every measured category. It is well-maintained, low-risk, and recommended for production use.
  • Good Strong overall quality with minor areas for improvement. Generally safe to use on most sites.
  • Needs Review Some areas of concern detected. Review the full issues report and weigh the risks before installing on production.
  • High Risk Significant quality or security problems found. Exercise caution — check the details carefully before using this plugin.
No scan has been completed yet. Vulnerability and issue data will appear after the first scan.
  • Wordfence: June 10, 2026 5:46 am (18 seconds ago)

Actions

View on WordPress.org Download Plugin
After the first scan, this plugin will be automatically re-scanned every 30 days.
Export report: CSV JSON

Score Breakdown

Shield
Security
--
Pending Scan
W
WP.org Readiness
--
Pending Scan
Speed
Performance
--
Pending Scan
Code
Code Quality
--
Pending Scan
A11y
Accessibility
--
Pending Scan
Bug
Vulnerability Status
--
Pending Scan

Plugin Details

Scan Summary

  • Errors: 0
  • Warnings: 0
  • Notices: 0
  • Last Scanned: N/A
No scan results yet. Start the first scan to populate this summary.

Detected Issues

No issues to display yet. Run the first scan to generate findings.

Score History

No history available yet. · All-Time High: N/A

All Past Vulnerabilities

Showing all known historical vulnerabilities for this plugin, including open and closed records.

Vulnerability CVE Severity Status Affected Versions Patched Version Updated Source
Contest Gallery <= 24.0.3 - Authenticated (Author+) Stored Cross-Site Scripting N/A LOW Closed *-24.0.3 24.0.4 2024-12-30 00:00:00 Wordfence
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe <= 28.1.6 - Unauthenticated SQL Injection N/A LOW Closed *-28.1.6 28.1.7 2026-04-21 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via cg_row N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 28.1.6 - Unauthenticated SQL Injection N/A LOW Closed *-28.1.6 28.1.7 2026-05-18 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via cg_order N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 28.0.0 - Cross-Site Request Forgery N/A LOW Closed *-28.0.0 28.0.1 2025-10-12 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via option_id GET N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via cg_activate and cg_deactivate N/A LOW Closed *-19.1.4.1 19.1.5 2022-11-29 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via cg_copy_start N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via cg_copy_id N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery < 21.2.8.1 - Unauthenticated Stored Cross-Site Scripting via headers N/A LOW Closed [*, 21.2.8.1) 21.2.8.1 2023-10-10 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via cg_multiple_files_for_post N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery – Photo Contest Plugin for WordPress <= 13.1.0.5 - SQL Injection N/A LOW Closed *-13.1.0.5 13.1.0.6 2022-04-13 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via option_id N/A LOW Closed *-19.1.4.1 19.1.5 2022-11-29 00:00:00 Wordfence
Photos and Files Contest Gallery <= 21.3.2 - Authenticated (Contributor+) SQL Injection N/A LOW Closed *-21.3.2 21.3.2.1 2024-03-26 00:00:00 Wordfence
Contest Gallery < 13.1.0.7 - Authenticated Email Address Disclosure N/A LOW Closed [*, 13.1.0.7) 13.1.0.7 2021-11-01 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via wp_user_id N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via cg_option_id N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 25.1.0 - Authenticated (Author+) SQL Injection N/A LOW Closed *-25.1.0 25.1.2 2025-01-31 00:00:00 Wordfence
Contest Gallery – Files Upload and Contest Plugin for WordPress <= 17.0.4 - Admin+ SQL Injection N/A LOW Closed *-17.0.4 17.0.5 2022-06-01 00:00:00 Wordfence
Contest Gallery <= 23.1.2 - Unauthenticated Stored Cross-Site Scripting N/A LOW Closed *-23.1.2 23.1.3 2024-07-24 00:00:00 Wordfence
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 26.0.0.1 - Unauthenticated Stored Cross-Site Scripting N/A LOW Closed *-26.0.0.1 26.0.1 2025-02-27 16:40:04 Wordfence
Contest Gallery <= 19.1.5 - Unauthenticated SQL Injection via user_id N/A LOW Closed *-19.1.5 19.1.5.1 2022-12-05 00:00:00 Wordfence
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI <= 26.1.0 - Unauthenticated Stored Cross-Site Scripting N/A LOW Closed *-26.1.0 26.1.1 2025-07-31 16:20:34 Wordfence
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe <= 28.1.2.1 - Authenticated (Subscriber+) Server-Side Request Forgery N/A LOW Closed *-28.1.2.1 28.1.2.2 2026-03-10 00:00:00 Wordfence
Contest Gallery <= 19.1.4.1 - Unauthenticated SQL Injection via cg_Fields N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 26.0.6 - Reflected Cross-Site Scripting N/A LOW Closed *-26.0.6 26.0.7 2025-07-11 00:00:00 Wordfence
Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover N/A LOW Closed *-24.0.7 24.0.8 2024-11-27 00:00:00 Wordfence
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe <= 28.1.2.2 - Missing Authorization N/A LOW Closed *-28.1.2.2 28.1.3 2026-03-23 00:00:00 Wordfence
Contest Gallery <= 19.1.5 - Authenticated (Author+) SQL Injection via cg_id N/A LOW Closed *-19.1.5 19.1.5.1 2022-12-05 00:00:00 Wordfence
Contest Gallery – Photo Contest Plugin for WordPress <= 10.4.4 - Cross-Site Request Forgery N/A LOW Closed *-10.4.4 10.4.5 2019-06-12 00:00:00 Wordfence
Contest Gallery <= 17.0.4 - Authenticated (Author+) SQL Injection N/A LOW Closed *-17.0.4 17.0.5 2022-08-09 00:00:00 Wordfence
Contest Gallery <= 23.1.2 - Unauthenticated Information Exposure N/A LOW Closed *-23.1.2 23.1.3 2024-08-16 00:00:00 Wordfence
Contest Gallery <= 13.1.0.9 - Cross-Site Scripting N/A LOW Closed *-13.1.0.9 14.0.0 2022-11-23 00:00:00 Wordfence
Contest Gallery <= 21.2.8.4 - Cross-Site Request Forgery N/A LOW Closed *-21.2.8.4 21.2.9 2024-01-09 00:00:00 Wordfence
Contest Gallery <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion N/A LOW Closed *-28.1.5 28.1.6 2026-03-23 11:19:11 Wordfence
Contest Gallery <= 19.1.4.1 - Authenticated (Author+) SQL Injection via addCountS N/A LOW Closed *-19.1.4.1 19.1.5 2022-12-05 00:00:00 Wordfence
Contest Gallery (Pro) <= 19.1.5 - SQL Injection via option_id N/A LOW Closed *-19.1.5 19.1.5.1 2022-12-05 00:00:00 Wordfence
Contest Gallery <= 26.0.8 - Authenticated (Author+) Stored Cross-Site Scripting N/A LOW Closed *-26.0.8 26.0.9 2025-07-10 18:41:31 Wordfence
Contest Gallery <= 21.2.8.4 - Cross-Site Request Forgery N/A LOW Closed *-21.2.8.4 21.2.9 2024-02-05 00:00:00 Wordfence
Contest Gallery <= 28.0.2 - Missing Authorization N/A LOW Closed *-28.0.2 28.0.3 2025-11-14 18:27:20 Wordfence
Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.2 - Authenticated (Author+) Stored Cross-Site Scripting N/A LOW Closed *-27.0.2 27.0.3 2025-10-03 14:48:39 Wordfence
Contest Gallery <= 19.1.5 - Authenticated (Author+) SQL Injection via upload[] N/A LOW Closed *-19.1.5 19.1.5.1 2022-12-05 00:00:00 Wordfence
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 24.0.3 - Unauthenticated SQL Injection N/A LOW Closed *-24.0.3 24.0.4 2024-11-04 21:11:26 Wordfence
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe <= 28.1.7 - Authenticated (Subscriber+) Sensitive Information Exposure N/A LOW Closed *-28.1.7 29.0.0 2026-04-29 00:00:00 Wordfence
Contest Gallery <= 26.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter N/A LOW Closed *-26.0.6 26.0.7 2025-05-07 22:33:58 Wordfence
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe <= 28.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting N/A LOW Closed *-28.1.6 29.0.0 2026-04-29 00:00:00 Wordfence
Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.3 - Unauthenticated CSV Injection N/A LOW Closed *-27.0.3 28.0.0 2025-10-10 19:47:00 Wordfence
Contest Gallery <= 28.1.4 - Unauthenticated SQL Injection N/A LOW Closed *-28.1.4 28.1.5 2026-03-02 04:44:39 Wordfence
Contest Gallery <= 21.3.4 - Authenticated (Author+) Arbitrary File Deletion N/A LOW Closed *-21.3.4 21.3.5 2024-04-22 00:00:00 Wordfence
Contest Gallery <= 21.3.5 - Reflected Cross-Site Scripting N/A LOW Closed *-21.3.5 21.3.6 2024-03-28 00:00:00 Wordfence
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition Plugin for WordPress <= 21.3.0 - Authenticated (Author+) Stored Cross-Site Scripting N/A LOW Closed *-21.3.0 21.3.1 2024-02-14 00:00:00 Wordfence
Contest Gallery <= 21.1.2 - Reflected Cross-Site Scripting N/A LOW Closed *-21.1.2 21.1.2.1 2023-03-27 00:00:00 Wordfence
Contest Gallery <= 28.1.1 - Missing Authorization N/A LOW Closed *-28.1.1 28.1.2 2026-01-09 00:00:00 Wordfence
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe <= 28.1.7 - Missing Authorization N/A LOW Closed *-28.1.7 29.0.0 2026-04-29 00:00:00 Wordfence
Photos and Files Contest Gallery <= 21.3.4 - Authenticated (Contributor+) SQL Injection N/A LOW Closed *-21.3.4 21.3.5 2024-03-26 00:00:00 Wordfence
Contest Gallery <= 13.1.0.9 - Authenticated (Author+) Stored Cross-Site Scripting N/A LOW Closed *-13.1.0.9 14.0.0 2021-12-20 12:39:00 Wordfence