Ays-pro - Photo Gallery CVE

Filtered by vendor Ays-pro Subscribe

Filtered by product Photo Gallery

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-24462	1 Ays-pro	1 Photo Gallery	2021-08-10	6.5 MEDIUM	8.8 HIGH
The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays â€“ Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard

Vulnerabilities (CVE)