ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Simple Photo Gallery Plugin <= 1.7.8 - Blind SQL Injection

Product
Simple Photo Gallery
Description
This plugin is prone to an SQL injection vulnerability in the "gallery_id" parameter.
Solution
Update the plugin.
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
CVE
Name CVE-N/A
Versions
Affected In <= 1.7.8
Fixed In 1.8.0
Disclosure date
2015-05-21
Credits
Viktor Gazdag