5 matches found
CVE-2024-30236
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through = 21.3.4...
CVE-2024-30236
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.4...
CVE-2024-30236 WordPress Contest Gallery plugin <= 21.3.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through = 21.3.4...
CVE-2024-30236
The CVE refers to WordPress Contest Gallery plugin prior to 21.3.4, vulnerable to SQL Injection due to improper neutralization of user input in SQL queries. Impact per connected sources includes potential data exposure/manipulation; exploitation typically requires contributor-level access (per Pa...
WordPress Contest Gallery Plugin <= 21.3.4 is vulnerable to SQL Injection
Software Contest Gallery Type Plugin Vulnerable versions = 21.3.4 Fixed in 21.3.5 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-30236 Patch priority Low CVSS severity Low 8.5 Developer Wasiliy Strecker PSID 03348ec935e2 Credits Emili Castells Required privilege Contributor...