Vulnerability Details CVE-2017-1002012
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.103
EPSS Ranking 92.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2017-1002012
-
cpe:2.3:a:anblik:image-gallery-with-slideshow:1.5.2