CVE Published: 09/05/2022 |
CVE Updated: 02/08/2024 |
CVE Year: 2022 Source: WPScan |
Vendor: Unknown |
Product: WP Video Gallery Status : PUBLISHED
CVE-2022-0826 Description
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users