CVE-2022-4151
The CVE-2022-4151 entry concerns the Contest Gallery WordPress plugin (and Contest Gallery Pro) prior to 19.1.5.1, where the option_id GET parameter is not escaped before being concatenated into an SQL query in export-images-data.php. This SQL injection could allow a user with at least author pri...