CVE-2016-10940
The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.
7.2CVSS
7.5AI Score
0.007EPSS