Lucene search

CVE-2022-4151

🗓️ 26 Dec 2022 13:12:15Reported by WPScanType

Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 allows SQL injection

Reporter	Title	Published	Views	Family All 5
WPVulnDB	Contest Gallery < 19.1.5 - Admin+ SQL Injection	5 Dec 202200:00	–	wpvulndb
NVD	CVE-2022-4151	26 Dec 202213:15	–	nvd
Prion	Cross site request forgery (csrf)	26 Dec 202213:15	–	prion
Cvelist	CVE-2022-4151 Contest Gallery < 19.1.5 - Admin+ SQL Injection	26 Dec 202212:28	–	cvelist
wpexploit	Contest Gallery < 19.1.5 - Admin+ SQL Injection	5 Dec 202200:00	–	wpexploit

Nvd

Vulners

Node

contest-gallery contest_galleryRange<19.1.5.1wordpress

contest-gallery contest_galleryRange<19.1.5.1prowordpress

[
  {
    "vendor": "Unknown",
    "product": "Contest Gallery",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "19.1.5.1"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  },
  {
    "vendor": "Unknown",
    "product": "Contest Gallery Pro",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "19.1.5.1"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/e1320c2a-818d-4e91-8dc9-ba95a1dc4377
bulletin	www.bulletin.iese.de/post/contest-gallery_19-1-4-1_2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Dec 2022 13:15Current

6.5Medium risk

Vulners AI Score6.5

CVSS36.5

EPSS0.001

CWE-89