3 matches found
CVE-2024-8436
The CVE CVE-2024-8436 affects the WP Easy Gallery – WordPress Gallery Plugin and is an authenticated SQL Injection vulnerability in versions up to 4.8.5. Exploitation requires subscriber-level access or higher and targets the edit_imageId and edit_imageDelete parameters, where insufficient escapi...
CVE-2024-9018
CVE-2024-9018 affects WP Easy Gallery – WordPress Gallery Plugin. The vulnerability is a time-based SQL Injection via the key parameter in all versions up to and including 4.8.5, caused by insufficient escaping and inadequate preparation of the SQL query. Exploitation requires authenticated acces...
CVE-2024-8437
The CVE-2024-8437 entry concerns WP Easy Gallery – WordPress Gallery Plugin (vulnerable 4.8.5).