CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2022-4150 – Contest Gallery < 19.1.5 - Author+ SQL Injection
https://notcve.org/view.php?id=CVE-2022-4150
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database. El complemento de WordPress Contest Gallery anterior a 19.1.5.1 y el complemento de WordPress de Contest Gallery Pro anterior a 19.1.5.1 no escapan del parámetro POST option_id antes de concatenarlo a una consulta SQL en order-custom-fields-with-and- without-search.php. Esto puede permitir que usuarios malintencionados con al menos privilegios de autor filtren información confidencial de la base de datos del sitio. The Contest Gallery (Pro) plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 19.1.5 due to insufficient escaping on the user supplied option_id parameter and lack of sufficient preparation on the existing SQL query in the order-custom-fields-with-and-without-search.php file. • https://bulletin.iese.de/post/contest-gallery_19-1-4-1_13 https://wpscan.com/vulnerability/d5d39138-a216-46cd-9e5f-fc706a2c93da • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-4153 – Contest Gallery < 19.1.5.1 - Author+ SQL Injection
https://notcve.org/view.php?id=CVE-2022-4153
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the upload[] POST parameter before concatenating it to an SQL query in get-data-create-upload-v10.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database. El complemento de WordPress Contest Gallery anterior a 19.1.5.1 y el complemento de WordPress de Contest Gallery Pro anterior a 19.1.5.1 no escapan del parámetro POST de carga[] antes de concatenarlo a una consulta SQL en get-data-create-upload-v10.php. Esto puede permitir que usuarios malintencionados con al menos privilegios de autor filtren información confidencial de la base de datos del sitio. The Contest Gallery plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 19.1.5 due to insufficient escaping on the user supplied upload[] parameter and lack of sufficient preparation on the existing SQL query. • https://bulletin.iese.de/post/contest-gallery_19-1-4-1_7 https://wpscan.com/vulnerability/35b0126d-9293-4e64-a00f-0903303f960a • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-4163 – Contest Gallery < 19.1.5 - Author+ SQL Injection
https://notcve.org/view.php?id=CVE-2022-4163
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_deactivate and cg_activate POST parameters before concatenating it to an SQL query in 2_deactivate.php and 4_activate.php, respectively. This may allow malicious users with at least author privilege to leak sensitive information from the site's database. El complemento de WordPress Contest Gallery anterior a 19.1.5.1 y el complemento de WordPress de Contest Gallery Pro anterior a 19.1.5.1 no escapan de los parámetros POST cg_deactivate y cg_activate antes de concatenarlos a una consulta SQL en 2_deactivate.php y 4_activate.php, respectivamente. Esto puede permitir que usuarios malintencionados con al menos privilegios de autor filtren información confidencial de la base de datos del sitio. The Contest Gallery plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 19.1.4.1 due to insufficient escaping on the user supplied cg_activate and cg_deactivate parameters and lack of sufficient preparation on the existing SQL query. • https://bulletin.iese.de/post/contest-gallery_19-1-4-1_10 https://wpscan.com/vulnerability/de0d7db7-f911-4f5f-97f6-885ca60822d1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-4151 – Contest Gallery < 19.1.5 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2022-4151
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id GET parameter before concatenating it to an SQL query in export-images-data.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database. El complemento de WordPress Contest Gallery anterior a 19.1.5.1 y el complemento de WordPress de Contest Gallery Pro anterior a 19.1.5.1 no escapan del parámetro GET option_id antes de concatenarlo a una consulta SQL en export-images-data.php. Esto puede permitir que usuarios malintencionados con al menos privilegios de autor filtren información confidencial de la base de datos del sitio. The Contest Gallery plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 19.1.4.1 due to insufficient escaping on the user supplied option_id parameter and lack of sufficient preparation on the existing SQL query. • https://bulletin.iese.de/post/contest-gallery_19-1-4-1_2 https://wpscan.com/vulnerability/e1320c2a-818d-4e91-8dc9-ba95a1dc4377 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45848 – WordPress Contest Gallery Plugin <= 13.1.0.9 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2022-45848
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress. Vulnerabilidad de Cross-Site Scripting (XSS)Almacenada No Autenticada en el complemento Contest Gallery <= 13.1.0.9 en WordPress. The Contest Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 13.1.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-13-1-0-9-unauth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •