Wp-Video-Gallery-Free Project: Security Vulnerabilities
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users
CVSS Score
9.8
EPSS Score
0.73
Published
2022-05-09