WordPress Plugin Vulnerabilities

Gallery Objects <= 0.4 - SQL Injection

Description

The gallery-objects WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
gallery-objects
No known fix

References

CVE
CVE-2014-5201
URL
https://packetstormsecurity.com/files/#127533/
URL
https://www.homelab.it/index.php/2014/07/18/wordpress-gallery-objects-0-4-sql-injection/#sthash.ftMVwBVK.dpbs

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
erwanlr
Verified
No
WPVDB ID
0ba549fd-eeb1-4028-afa2-a133e9b39e28

Timeline

Publicly Published
2014-09-19 (about 11 years ago)
Added
2014-09-19 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-02-09
Title
Awesome Support – WordPress HelpDesk & Support Plugin < 6.1.8 - Authenticated (Subscriber+) SQL Injection
Published
2023-09-12
Title
WooCommerce Beta Tester < 2.2.4 - Admin+ SQLi
Published
2021-01-18
Title
301 Redirects - Easy Redirect Manager < 2.51 - Authenticated SQL Injection
Published
2025-04-16
Title
Modal Survey <= 2.0.2.0.1 - Unauthenticated SQL Injection
Published
2026-03-25
Title
Download Monitor < 5.1.9 - Authenticated (Contributor+) SQL Injection