11 matches found
CVE-2024-9018
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL quer...
CVE-2024-8436
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'editimageId' and 'editimageDelete' parameters in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
CVE-2024-9018 WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL quer...
CVE-2024-9018
CVE-2024-9018 affects WP Easy Gallery – WordPress Gallery Plugin. The vulnerability is a time-based SQL Injection via the key parameter in all versions up to and including 4.8.5, caused by insufficient escaping and inadequate preparation of the SQL query. Exploitation requires authenticated acces...
WordPress WP Easy Gallery plugin <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter vulnerability
Authenticated Contributor+ SQL Injection via key Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Easy Gallery versions = 4.8.5...
WordPress plugin WP Easy Gallery 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress WP Easy Gallery Plugin <= 4.8.5 is vulnerable to SQL Injection
Software WP Easy Gallery Type Plugin Vulnerable versions = 4.8.5 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-8436 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID eb8025528f3a Credits Lucio Sá Required privilege Subscriber Published 2...
PT-2024-39013 · WordPress · Wp Easy Gallery
Name of the Vulnerable Software and Affected Versions: The WP Easy Gallery – WordPress Gallery Plugin versions up to, and including, 4.8.5 Description: The issue is related to unauthorized access due to a missing capability check on several functions hooked via AJAX, such as wpeg settings and wpe...
WordPress WP Easy Gallery Plugin HTML Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WP Easy Gallery is one of the image gallery plugin. An HTML injection vulnerability exists in the WordPress WP Eas...
WP Easy Gallery <= 1.7 - Cross-Site Scripting (XSS)
The WP Easy Gallery – WordPress Gallery Plugin WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
WordPress WP Easy Gallery 1.8 Shell Upload
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...