CVE-2025-14455
Authorization Bypass in Image Photo Gallery Plugin Allows Gallery Manipulation
Publication date: 2025-12-19
Last updated on: 2025-12-19
Assigner: Wordfence
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | final_tiles_grid_gallery | 3.6.7 |
| wordpress | final_tiles_grid_gallery | 3.6.8 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-14455 is an authorization bypass vulnerability in the Image Photo Gallery Final Tiles Grid plugin for WordPress, affecting all versions up to and including 3.6.7. The plugin fails to properly verify whether a user is authorized to perform gallery management actions. As a result, authenticated users with Contributor-level access or higher can delete, modify, or clone galleries created by any user, including administrators. [1, 2]
How can this vulnerability impact me?
This vulnerability allows authenticated users with Contributor-level access or above to perform unauthorized actions on galleries, such as deleting, modifying, or cloning galleries created by other users, including administrators. This can lead to unauthorized data manipulation, loss of gallery content, and potential disruption of website functionality or content integrity. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring attempts to access or perform gallery management actions (such as deleting or modifying galleries) via the plugin's AJAX endpoints without proper authorization. Specifically, you can look for unauthorized POST requests to the gallery deletion or editing AJAX URLs, checking for missing or invalid nonces or unauthorized user capabilities.

Since the plugin uses WordPress AJAX actions for gallery management, commands to inspect web server logs for suspicious POST requests to endpoints related to 'delete_gallery' or 'gallery_admin_init' can help. For example, use grep on your web server logs to find POST requests to admin-ajax.php with parameters related to gallery deletion or editing, and check for unusual user accounts or IP addresses. Example command:

`grep 'admin-ajax.php' /var/log/apache2/access.log | grep -E 'action=delete_gallery|action=gallery_admin_init'`

Additionally, monitoring WordPress user activity logs for Contributor-level users performing gallery deletions or modifications can help detect exploitation attempts. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Final Tiles Grid Gallery plugin to version 3.6.8 or later, as this version includes security fixes that enforce nonce validation, user capability checks, and input sanitization to prevent unauthorized gallery deletion or modification. If updating immediately is not possible, restrict Contributor-level users from accessing gallery management functions or disable the plugin temporarily. Additionally, review and tighten user permissions to ensure only trusted users have Contributor-level or higher access. Monitoring and blocking suspicious AJAX requests related to gallery management can also help mitigate exploitation attempts. [2]
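The CWE-862 pattern behind this CVE and the three checks the fix is described as adding (nonce validation, a capability check, and an ownership check on the target gallery) are shown below as an added, illustrative WordPress AJAX handler; this is not the plugin's own code, and the function, capability and table names are assumptions. Because admin-ajax.php action names travel in the POST body and rarely appear in access logs, enforcing authorization inside the handler is the reliable control, with log monitoring as a secondary signal.

```php
<?php
// Illustrative gallery-delete AJAX handler (hypothetical names; not the plugin's code).

// BEFORE (CWE-862): every logged-in user can reach wp_ajax_* handlers, and nothing
// checks who owns the gallery or whether the caller may manage galleries at all.
function example_delete_gallery_unsafe() {
    global $wpdb;
    $id = intval( $_POST['galleryId'] );
    $wpdb->delete( $wpdb->prefix . 'example_galleries', array( 'id' => $id ), array( '%d' ) );
    wp_send_json_success();
}

// AFTER: three independent gates, all of which must pass before anything is deleted.
function example_delete_gallery_safe() {
    global $wpdb;

    // 1. Nonce: the request must come from a page we rendered for this action
    //    (token created with wp_create_nonce( 'example_delete_gallery' ) and sent as 'nonce').
    check_ajax_referer( 'example_delete_gallery', 'nonce' );

    // 2. Capability: Contributors have edit_posts but not upload_files or edit_others_posts.
    //    Use a plugin-specific capability (hypothetical) granted only to the roles that
    //    should manage galleries, rather than relying on "is logged in".
    if ( ! current_user_can( 'example_manage_galleries' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 3. Object-level authorization: even a permitted role may only act on galleries it
    //    created, unless it is also allowed to edit other users' content.
    $id    = absint( $_POST['galleryId'] ?? 0 );
    $table = $wpdb->prefix . 'example_galleries';
    $owner = $wpdb->get_var( $wpdb->prepare( "SELECT author_id FROM {$table} WHERE id = %d", $id ) );
    if ( null === $owner ) {
        wp_send_json_error( 'not found', 404 );
    }
    if ( (int) $owner !== get_current_user_id() && ! current_user_can( 'edit_others_posts' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $wpdb->delete( $table, array( 'id' => $id ), array( '%d' ) );
    wp_send_json_success();
}

// Register only the hardened handler; deliberately no wp_ajax_nopriv_ variant.
add_action( 'wp_ajax_example_delete_gallery', 'example_delete_gallery_safe' );
```

The same three gates apply to the modify and clone actions the description mentions; the nonce alone is not an authorization check, so gates 2 and 3 are what actually close the Contributor-level bypass.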