Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/05 5:1 a.m.6 views

CVE-2024-10247

The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.2CVSS7.3AI score0.00521EPSS
Exploits0References1
circl
circl
added 2024/12/06 3:41 a.m.5 views

CVE-2024-10247

creationtimestamp| type| source ---|---|--- 2024-12-06 03:41:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113603802589938190 2024-12-06 06:25:05+00:00| seen| https://t.me/cvedetector/12167...

7.2CVSS7.8AI score0.00521EPSS
Exploits0References2
cve
cve
added 2024/12/06 3:25 a.m.57 views

CVE-2024-10247

CVE-2024-10247 affects the WordPress plugin Video Gallery – YouTube Gallery and Vimeo Gallery up to version 2.4.2. The issue is a time-based SQL Injection caused by insufficient escaping of the user-supplied parameter in the orderby clause, allowing an authenticated attacker with Administrator-le...

7.2CVSS7AI score0.00521EPSS
Exploits0References4Affected Software1
vulnrichment
vulnrichment
added 2024/12/06 3:25 a.m.8 views

CVE-2024-10247 YouTube Gallery and Vimeo Gallery Plugin <= 2.4.2 - Authenticated (Administrator+) SQL Injection

The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.2CVSS7.3AI score0.00521EPSS
Exploits0References4
cvelist
cvelist
added 2024/12/06 3:25 a.m.23 views

CVE-2024-10247 YouTube Gallery and Vimeo Gallery Plugin <= 2.4.2 - Authenticated (Administrator+) SQL Injection

The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.2CVSS0.00521EPSS
Exploits0References4
Rows per page
Query Builder