CVE-2017-1002028
The CVE-2017-1002028 entry concerns the WordPress plugin wordpress-gallery-transformation (v1.0). A SQL injection exists in ./wordpress-gallery-transformation/gallery.php where the parameter $jpic is unsanitized before being used in an SQL query. Multiple sources corroborate the vulnerability (CN...