Vulnerabilities (CVE)

Filtered by vendor Wp-video-gallery-free Project Subscribe
Filtered by product Wp-video-gallery-free
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0826 1 Wp-video-gallery-free Project 1 Wp-video-gallery-free 2024-11-21 7.5 HIGH 9.8 CRITICAL
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users