WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. A SQL injection vulnerability exists in versions prior to WordPress Photo Gallery plugin 1.6.3, which stems from the plugin’s inability to properly escape the filter_tag parameter. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress photo gallery plugin | lt | 1.6.3 |