WordPress Plugin Vulnerabilities

All Video Gallery 1.2 - SQL Injection

Description

The all-video-gallery WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
all-video-gallery
No known fix

References

CVE
CVE-2014-5186
URL
https://codevigilant.com/disclosure/wp-plugin-all-video-gallery-a1-injection

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
fc2d158d-a4de-43c4-8e84-04170ecb45bd

Timeline

Publicly Published
2014-09-24 (about 9 years ago)
Added
2014-09-24 (about 9 years ago)
Last Updated
2019-10-21 (about 4 years ago)

Other

Published
Title
Published
2014-08-01
Title
Evarisk <= 5.1.3.6 - SQL Injection
Published
2016-12-05
Title
Single Personal Message 1.0.3 – Authenticated SQL Injection
Published
2024-03-13
Title
Automatic < 3.92.1 - Unauthenticated SQL Injection
Published
2023-09-18
Title
wpDiscuz < 7.6.6 - Unauthenticated SQL Injection
Published
2023-06-05
Title
Responsive CSS EDITOR <= 1.0 - Admin+ SQLi