56 matches found
CVE-2024-1859
CVE-2024-1859 refers to the Slider Responsive Slideshow – Image slider, Gallery slideshow WordPress plugin. The vulnerability is a PHP Object Injection in versions up to and including 1.3.8, triggered by deserialization of untrusted input in the awl_slider_responsive_shortcode function. With cont...
WordPress Plugin Photo Gallery Slideshow & Masonry Tiled Gallery Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
PT-2023-19363 · WordPress · The Photo Gallery Slideshow & Masonry Tiled Gallery
Name of the Vulnerable Software and Affected Versions: The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress versions up to, and including, 1.0.13 Description: The issue arises from insufficient input sanitization and output escaping, making it possible for unauthenticated...
CVE-2017-1002013
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/adminsetting.php...
CVE-2017-1002014
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/adminsetting.php via galleryname parameter...
CVE-2017-1002014
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/adminsetting.php via galleryname parameter...
CVE-2014-8375
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...
CVE-2014-8375
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...
Sql injection
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...
CVE-2014-8375
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...
CVE-2014-8375
GB Gallery Slideshow WordPress plugin 1.5 contains a SQL injection vulnerability in GBgallery.php. The issue is exploitable via the selected_group parameter in the gb_ajax_get_group action called through wp-admin/admin-ajax.php, allowing remote attackers (with appropriate privileges) to execute a...
WordPress Plugin GB Gallery Slideshow - '/wp-admin/admin-ajax.php' SQL Injection
source: https://www.securityfocus.com/bid/69181/info The GB Gallery Slideshow plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the...
WordPress GB Gallery Slideshow 1.5 SQL Injection
Exploit Title : Wordpress GB Gallery Slideshow 1.5 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://gb-plugins.com/ Software Link : http://downloads.wordpress.org/plugin/gb-gallery-slideshow.1.5.zip Date : 2014-08-09 Tested on : Linux / sqlmap 1.0-dev-5b2ded0...
WordPress Plugin GB Gallery Slideshow - wp-adminadmin-ajax.php SQL Injection
WordPress Plugin GB Gallery Slideshow - wp-adminadmin-ajax.php SQL Injection source: https://www.securityfocus.com/bid/69181/info The GB Gallery Slideshow plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it i...
ZooEffect 1.08 - HTTP Referer Reflected XSS
Description The ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 WordPress plugin was affected by a HTTP Referer Reflected XSS security vulnerability...
CVE-2007-6691
Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to 1 "hotlink protection" in the URL rewrite module, 2 a WebDAV view in the WebDAV module, 3 a comment view in the Comment module, 4 unspecified "item information disclosure attacks" in the Core modu...