Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 4:27 a.m.7 views

CVE-2024-9018

The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL quer...

8.8CVSS7.3AI score0.00484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:41 p.m.8 views

CVE-2024-8436

The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'editimageId' and 'editimageDelete' parameters in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

9.9CVSS7.2AI score0.00483EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/01 8:30 a.m.12 views

CVE-2024-9018 WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter

The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL quer...

8.8CVSS7.3AI score0.00484EPSS
Exploits0References3
CVE
CVE
added 2024/10/01 8:30 a.m.50 views

CVE-2024-9018

CVE-2024-9018 affects WP Easy Gallery – WordPress Gallery Plugin. The vulnerability is a time-based SQL Injection via the key parameter in all versions up to and including 4.8.5, caused by insufficient escaping and inadequate preparation of the SQL query. Exploitation requires authenticated acces...

8.8CVSS8.7AI score0.00484EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/01 3:54 a.m.3 views

WordPress WP Easy Gallery plugin <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter vulnerability

Authenticated Contributor+ SQL Injection via key Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Easy Gallery versions = 4.8.5...

8.8CVSS8.1AI score0.00484EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.4 views

WordPress plugin WP Easy Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.4AI score0.0028EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.9 views

WordPress WP Easy Gallery Plugin <= 4.8.5 is vulnerable to SQL Injection

Software WP Easy Gallery Type Plugin Vulnerable versions = 4.8.5 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-8436 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID eb8025528f3a Credits Lucio Sá Required privilege Subscriber Published 2...

9.9CVSS6.9AI score0.00483EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/24 12:0 a.m.7 views

PT-2024-39013 · WordPress · Wp Easy Gallery

Name of the Vulnerable Software and Affected Versions: The WP Easy Gallery – WordPress Gallery Plugin versions up to, and including, 4.8.5 Description: The issue is related to unauthorized access due to a missing capability check on several functions hooked via AJAX, such as wpeg settings and wpe...

4.3CVSS6.8AI score0.0028EPSS
Exploits0References7
CNVD
CNVD
added 2016/02/08 12:0 a.m.1 views

WordPress WP Easy Gallery Plugin HTML Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WP Easy Gallery is one of the image gallery plugin. An HTML injection vulnerability exists in the WordPress WP Eas...

7AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.14 views

WP Easy Gallery <= 1.7 - Cross-Site Scripting (XSS)

The WP Easy Gallery – WordPress Gallery Plugin WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

1.9AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2012/06/08 12:0 a.m.38 views

WordPress WP Easy Gallery 1.8 Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Exploits0
Rows per page
Query Builder