ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Responsive Image Gallery, Gallery Album plugin <=1.2.0 - Authenticated SQL Injection vulnerability

Product
Responsive Image Gallery, Gallery Album
Description
Authenticated SQL Injection vulnerability found by Manuel García Cárdenas in WordPress Responsive Image Gallery, Gallery Album version 1.2.0 and earlier versions.
Solution
Update the Responsive Image Gallery, Gallery Album plugin to the latest available version (at least 1.2.1).
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=1.2.0
Fixed In 1.2.1
Disclosure date
2017-09-25
Credits
Manuel García Cárdenas
Submitter
ThreatPress