Lucene search
K

6 matches found

Nuclei
Nuclei
added 20 hours ago40 views

WordPress WP Video Gallery <=1.7.1 - SQL Injection

WordPress WP Video Gallery plugin through 1.7.1 contains a SQL injection vulnerability. The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...

9.8CVSS7.3AI score0.09238EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.8 views

CVE-2022-0826

The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

9.8CVSS9.8AI score0.09238EPSS
Exploits1References1
NVD
NVD
added 2022/05/09 5:15 p.m.26 views

CVE-2022-0826

The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

9.8CVSS0.09238EPSS
Exploits1References1
OSV
OSV
added 2022/05/09 5:15 p.m.4 views

CVE-2022-0826

The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...

9.8CVSS5.8AI score0.09238EPSS
Exploits1References1
CVE
CVE
added 2022/05/09 4:50 p.m.113 views

CVE-2022-0826

Summary: CVE-2022-0826 affects WordPress plugin WP Video Gallery (versions &lt;= 1.7.1). The connected Nuclei template confirms a SQL injection vulnerability where the plugin fails to sanitize/escape a parameter before interpolating it into a SQL statement via an AJAX action. This allows unauthen...

9.8CVSS9.9AI score0.09238EPSS
In wildExploits1References1Affected Software1
Patchstack
Patchstack
added 2022/04/13 12:0 a.m.37 views

WordPress WP Video Gallery plugin <= 1.7.1 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress WP Video Gallery plugin versions = 1.7.1. Solution Deactivate and delete. This plugin has been closed as of March 29, 2022 and is not available for download. This closure is temporary, pending a full review...

9.8CVSS3.4AI score0.09238EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder