logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

Photo Gallery by WD <= 1.3.50 - Authenticated SQL Injection

Description

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an Authenticated SQL Injection security vulnerability.

Affects Plugins

photo-gallery

Fixed in version 1.3.51

References

CVE

CVE-2017-12977

URL

https://github.com/jgj212/Advisories/blob/master/photo-gallery.1.3.50-SQL

URL

https://plugins.trac.wordpress.org/changeset/1712095/photo-gallery

Classification

Type

SQLI

OWASP top 10

A1: Injection

CWE

CWE-89

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

ethicalhack3r

Verified

No

WPVDB ID

f0a9861c-e9f8-4e8d-aee7-e1cf72f51077

Timeline

Publicly Published

2017-08-20 (about 4 years ago)

Added

2017-08-25 (about 4 years ago)

Last Updated

2020-09-22 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin