GB Gallery Slideshow 1.5 – SQL Injection | CVE 2014-8375

Affects Plugins

gb-gallery-slideshow

Fixed in 1.6

References

CVE

CVE-2014-8375

URL

https://packetstormsecurity.com/files/#127833/

Classification

Type

SQLI

OWASP top 10

A1: Injection

CWE

CWE-89

Miscellaneous

Submitter

pvdl

Verified

No

WPVDB ID

6d6b4fdb-ec12-4b57-aa2c-f17994042564

Timeline

Publicly Published

2014-11-02 (about 11 years ago)

Added

2014-11-02 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2025-02-11

Title

Small Package Quotes – UPS Edition < 4.5.17 - Unauthenticated SQL Injection

Published

2026-01-21

Title

Nelio Content < 4.2.1 - Authenticated (Contributor+) SQL Injection

Published

2025-10-02

Title

Wp cycle text announcement <= 8.1 - Authenticated (Contributor+) SQL Injection

Published

2025-04-09

Title

WP Online Users Stats <= 1.0.0 - Unauthenticated SQL Injection

Published

2025-07-15

Title

ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes < 1.5.0 - Authenticated (Subscriber+) SQL Injection