{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1036", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-01-16T12:28:18.569Z", "datePublished": "2026-01-21T23:23:27.600Z", "dateUpdated": "2026-04-08T16:51:50.257Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:51:50.257Z"}, "affected": [{"vendor": "10web", "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.8.36", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to delete arbitrary image comments. Note: comments functionality is only available in the Pro version of the plugin."}], "title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery <= 1.8.36 - Missing Authorization to Unauthenticated Arbitrary Comment Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4eb2ae42-584d-4da8-9184-461b5a37b7b6?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.35/frontend/controllers/BWGControllerGalleryBox.php#L173"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Moose Love"}], "timeline": [{"time": "2026-01-06T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2026-01-16T12:44:28.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-01-21T10:40:15.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-22T14:44:56.011900Z", "id": "CVE-2026-1036", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T14:45:03.975Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1036", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-22T14:44:56.011900Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T14:45:00.619Z"}}], "cna": {"title": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery <= 1.8.36 - Missing Authorization to Unauthenticated Arbitrary Comment Deletion", "credits": [{"lang": "en", "type": "finder", "value": "Moose Love"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "10web", "product": "Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.8.36"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-01-06T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2026-01-16T12:44:28.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-01-21T10:40:15.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4eb2ae42-584d-4da8-9184-461b5a37b7b6?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.35/frontend/controllers/BWGControllerGalleryBox.php#L173"}], "descriptions": [{"lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to delete arbitrary image comments. Note: comments functionality is only available in the Pro version of the plugin."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-01-21T23:23:27.600Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1036", "state": "PUBLISHED", "dateUpdated": "2026-01-22T14:45:03.975Z", "dateReserved": "2026-01-16T12:28:18.569Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-01-21T23:23:27.600Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to delete arbitrary image comments. Note: comments functionality is only available in the Pro version of the plugin."}, {"lang": "es", "value": "El plugin Photo Gallery por 10Web \u2013 Mobile-Friendly Image Gallery para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n delete_comment() en todas las versiones hasta la 1.8.36, inclusive. Esto hace posible que atacantes no autenticados eliminen comentarios de im\u00e1genes arbitrarios. Nota: la funcionalidad de comentarios solo est\u00e1 disponible en la versi\u00f3n Pro del plugin."}], "id": "CVE-2026-1036", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-01-22T00:15:51.490", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.35/frontend/controllers/BWGControllerGalleryBox.php#L173"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4eb2ae42-584d-4da8-9184-461b5a37b7b6?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-16T02:08:18.393916+00:00", "value": {"mitigation_remediation": ["Upgrade the Photo Gallery by 10Web plugin to the latest version that addresses the missing capability check.", "If an upgrade is not available, disable comment functionality for the Pro edition through the plugin settings or remove the plugin entirely.", "As a temporary measure, restrict access to the comment deletion endpoint by adding authentication requirements via server\u2011side configuration or firewall rules."], "summary": {"action": "Patch", "impact": "Unauthenticated arbitrary comment deletion"}, "threat_synthesis": {"affected_systems": "WordPress sites that have the 10Web Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin version 1.8.36 or earlier are affected. The Pro edition\u2019s comment feature is present in these releases.", "description_and_impact": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin contains a missing capability check on the delete_comment() function in all versions up to 1.8.36. This flaw allows an unauthenticated user to delete any image comment in the Pro version of the plugin. The ability to remove comments comes from the lack of an authorization check in the deletion routine.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity and the EPSS score of less than 1% suggests a low likelihood of exploitation. The vulnerability is not listed in CISA\u2019s KEV catalog. An attacker can exploit the flaw by invoking the delete_comment function without authentication, thereby deleting arbitrary comments. The overall risk is moderate but warrants prompt attention."}}}}, "created": "2026-01-22T10:08:40.921203+00:00", "updated": "2026-04-16T02:15:21.331960+00:00", "vendors": ["10web", "10web$PRODUCT$photo_gallery", "wordpress", "wordpress$PRODUCT$wordpress"]}