CVE-2024-13814

5.4 MEDIUM

📋 TL;DR

This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to execute arbitrary shortcodes through the Global Gallery plugin. Attackers can leverage this to perform actions beyond their intended permissions, potentially leading to privilege escalation or data exposure. All WordPress sites using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • Global Gallery - WordPress Responsive Gallery
Versions: All versions up to and including 9.1.5
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with plugin enabled and at least one Subscriber-level user account.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could execute shortcodes that allow file uploads, code execution, or database manipulation, leading to complete site compromise.

🟠 Likely Case

Attackers use shortcodes to display sensitive content, modify site appearance, or perform limited administrative actions.

🟢 If Mitigated

With proper user role management and monitoring, impact is limited to minor content manipulation by legitimate users.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is straightforward once credentials are obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.1.6 or later

Vendor Advisory: https://lcweb.it/global-gallery-wordpress-photogallery-plugin/changelog/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins.
3. Find the Global Gallery plugin.
4. Click 'Update Now' if available.
5. Alternatively, download the latest version from the vendor and upload it manually.

🔧 Temporary Workarounds

Disable Plugin

all

Temporarily deactivate the Global Gallery plugin until patched.

wp plugin deactivate global-gallery

Restrict User Registration

all

Disable new user registration to prevent attacker account creation.

Settings > General > Membership: Uncheck 'Anyone can register'

🧯 If You Can't Patch

  • Implement strict user role management and review all Subscriber+ accounts
  • Monitor WordPress logs for unusual shortcode execution patterns

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Global Gallery version number

Check Version:

wp plugin list --name=global-gallery --field=version

Verify Fix Applied:

Confirm plugin version is 9.1.6 or higher in WordPress admin
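As an added example (not part of this advisory), the script below wraps the `wp plugin list` check above and compares the reported version against the 9.1.6 fix numerically, since a plain string comparison would wrongly rank "9.1.10" below "9.1.6". It assumes wp-cli is on PATH; the `check_site` helper and its return format are this example's own.

```python
"""Version check for CVE-2024-13814 (Global Gallery, fixed in 9.1.6).

Added example, not from the advisory or the plugin vendor. Parses the
output of `wp plugin list --name=global-gallery --field=version` and
compares it component by component.
"""
import re
import subprocess

FIXED_VERSION = "9.1.6"  # first patched release per the advisory


def parse_version(text: str) -> tuple:
    """Turn '9.1.5' or '9.1.5-beta' into a tuple of ints for comparison.
    Non-numeric suffixes are dropped; missing components compare as 0."""
    core = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not core:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in core.group(0).split("."))


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is below the fixed version."""
    v, f = parse_version(version), parse_version(fixed)
    width = max(len(v), len(f))
    v += (0,) * (width - len(v))  # pad so '9.1' compares as '9.1.0'
    f += (0,) * (width - len(f))
    return v < f


def check_site(wp_path: str = ".") -> dict:
    """Query wp-cli for one site (hypothetical helper; assumes wp-cli on PATH).
    Returns a dict instead of printing so it can be used from other scripts."""
    proc = subprocess.run(
        ["wp", "plugin", "list", "--name=global-gallery",
         "--field=version", f"--path={wp_path}"],
        capture_output=True, text=True, check=False,
    )
    version = proc.stdout.strip()
    if proc.returncode != 0 or not version:
        return {"installed": False, "version": None, "vulnerable": False}
    return {"installed": True, "version": version,
            "vulnerable": is_vulnerable(version)}


if __name__ == "__main__":
    import sys
    print(check_site(sys.argv[1] if len(sys.argv) > 1 else "."))
```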

📡 Detection & Monitoring

Log Indicators:

  • Unusual do_shortcode calls in WordPress debug logs
  • Multiple failed authentication attempts followed by successful login

Network Indicators:

  • HTTP POST requests to wp-admin/admin-ajax.php with shortcode parameters

SIEM Query:

source="wordpress.log" AND "do_shortcode" AND NOT user_role="administrator"

🔗 References