{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25035", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-28T09:52:08.058Z", "datePublished": "2026-03-25T16:14:39.024Z", "dateUpdated": "2026-04-28T16:14:54.148Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "contest-gallery", "product": "Contest Gallery", "vendor": "Wasiliy Strecker / ContestGallery developer", "versions": [{"changes": [{"at": "28.1.3", "status": "unaffected"}], "lessThanOrEqual": "28.1.2.2", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "daroo | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:18:22.054Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Authentication Abuse.<p>This issue affects Contest Gallery: from n/a through <= 28.1.2.2.</p>"}], "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Authentication Abuse.This issue affects Contest Gallery: from n/a through <= 28.1.2.2."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:54.148Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-2-2-account-takeover-vulnerability?_s_id=cve"}], "title": "WordPress Contest Gallery plugin <= 28.1.2.2 - Account Takeover vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-28T01:28:14.055062Z", "id": "CVE-2026-25035", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T01:28:17.208Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25035", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-28T01:28:14.055062Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:34:46.583Z"}}], "cna": {"title": "WordPress Contest Gallery plugin <= 28.1.2.2 - Account Takeover vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "daroo | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Wasiliy Strecker / ContestGallery developer", "product": "Contest Gallery", "versions": [{"status": "affected", "changes": [{"at": "28.1.3", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "28.1.2.2"}], "packageName": "contest-gallery", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:18:22.054Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-2-2-account-takeover-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Authentication Abuse.This issue affects Contest Gallery: from n/a through <= 28.1.2.2.", "supportingMedia": [{"type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Authentication Abuse.<p>This issue affects Contest Gallery: from n/a through <= 28.1.2.2.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:14:08.647Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25035", "state": "PUBLISHED", "dateUpdated": "2026-04-28T01:28:17.208Z", "dateReserved": "2026-01-28T09:52:08.058Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:39.024Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Authentication Abuse.This issue affects Contest Gallery: from n/a through <= 28.1.2.2."}, {"lang": "es", "value": "Omisi\u00f3n de autenticaci\u00f3n Usando una Ruta o Canal Alternativo vulnerabilidad en Wasiliy Strecker / el desarrollador de ContestGallery Contest Gallery contest-gallery permite el Abuso de Autenticaci\u00f3n. Este problema afecta a Contest Gallery: desde n/a hasta &lt;= 28.1.2.2."}], "id": "CVE-2026-25035", "lastModified": "2026-04-24T16:32:53.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "audit@patchstack.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:43.377", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-28-1-2-2-account-takeover-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,28.1.2.2]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "28.1.3"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Contest Gallery", "source": "cna", "vendor": "Wasiliy Strecker / ContestGallery developer"}, "product": "contest_gallery", "vendor": "wasiliy_strecker_/_contestgallery_developer"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-26T19:39:14.964673+00:00", "value": {"mitigation_remediation": ["Upgrade the Contest Gallery plugin to a version newer than 28.1.2.2 to remove the authentication bypass flaw", "If an upgrade is not immediately possible, deactivate or remove the Contest Gallery plugin from the site to eliminate the attack surface", "Deploy monitoring or logging mechanisms to detect unauthorized login attempts or account takeovers", "Apply general WordPress security best practices, including limiting login attempts and using strong, unique passwords for all accounts"], "summary": {"action": "Immediate Patch", "impact": "Account takeover"}, "threat_synthesis": {"affected_systems": "This issue affects the Contest Gallery WordPress plugin, developed by Wasiliy Strecker / Contest Gallery. All releases up to and including version 28.1.2.2 are vulnerable, with the problem present in every release prior to the unavailable baseline", "description_and_impact": "The reported vulnerability allows an attacker to bypass authentication by exploiting an alternate path or channel within the Contest Gallery plugin. This authentication bypass can be used to gain unauthorized access to any user account, including administrative accounts, thereby giving the attacker full control over the WordPress site\u2019s content, configuration, and potentially sensitive user data.", "risk_and_exploitability": "The CVSS score of 9.8 indicates a critical severity, yet the EPSS score of less than 1% suggests that the likelihood of active exploitation is currently low. The vulnerability is not listed in CISA\u2019s KEV catalog, implying no known mass exploitation at this time. The attack vector is remote, requiring only access to the contested plugin\u2019s alternate authentication channel, which an attacker can target through a website\u2019s exposed endpoints. No special privileges or local conditions are required to exploit this flaw."}}}}, "created": "2026-03-25T21:34:09.851681+00:00", "updated": "2026-03-27T09:46:05.231377+00:00", "vendors": ["wasiliy_strecker_/_contestgallery_developer", "wasiliy_strecker_/_contestgallery_developer$PRODUCT$contest_gallery", "wordpress", "wordpress$PRODUCT$wordpress"]}