6 matches found
📄 WordPress Contest Gallery 28.1.4 Blind SQL Injection
This Metasploit module targets a remote blind SQL injection vulnerability in WordPress Contest Gallery plugin versions 28.1.4 and earlier. ================================================================================================================================== | Title : WordPress Contest...
CVE-2026-3180
The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cglmail’ parameter in all versions up to, and including, 28.1.4 due to insufficient escaping on the user supplied parameter...
CVE-2026-3180
The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cglmail’ parameter in all versions up to, and including, 28.1.4 due to insufficient escaping on the user supplied parameter...
CVE-2026-3180 Contest Gallery <= 28.1.4 - Unauthenticated SQL Injection
The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cglmail’ parameter in all versions up to, and including, 28.1.4 due to insufficient escaping on the user supplied parameter...
EUVD-2026-9223
The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cglmail’ parameter in all versions up to, and including, 28.1.4 due to insufficient escaping on the user supplied parameter...
CVE-2026-3180
The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cglmail’ parameter in all versions up to, and including, 28.1.4 due to insufficient escaping on the user supplied parameter...