These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-42657 is an unauthenticated other vulnerability type affecting Contest Gallery versions up to 28.1.7. The vulnerability has a CVSS score of 5.3 and a severity of MEDIUM. It was published on 2026-06-15T21:16:55.333Z and modified on 2026-06-15T21:24:32.790Z.
A Subscriber Cross Site Scripting (XSS) vulnerability was found in Contest Gallery <= 28.1.6 versions. This vulnerability has been assigned a CVSS score of 6.5, indicating a Medium severity level. The vulnerability was published on [CVE.org](resourceLinkAnnotations:cve-org) and additional details can be found on [NVD](resourceLinkAnnotations:nvd).
CVE-2026-40771 is a critical vulnerability in the Contest Gallery plugin, affecting versions up to and including 28.1.6. This vulnerability allows unauthenticated SQL injection, which can lead to severe consequences, including data breaches and system compromise. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 9.3, indicating a critical severity level.