CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-4163 – Contest Gallery < 19.1.5 - Author+ SQL Injection
https://notcve.org/view.php?id=CVE-2022-4163
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_deactivate and cg_activate POST parameters before concatenating it to an SQL query in 2_deactivate.php and 4_activate.php, respectively. This may allow malicious users with at least author privilege to leak sensitive information from the site's database. El complemento de WordPress Contest Gallery anterior a 19.1.5.1 y el complemento de WordPress de Contest Gallery Pro anterior a 19.1.5.1 no escapan de los parámetros POST cg_deactivate y cg_activate antes de concatenarlos a una consulta SQL en 2_deactivate.php y 4_activate.php, respectivamente. Esto puede permitir que usuarios malintencionados con al menos privilegios de autor filtren información confidencial de la base de datos del sitio. The Contest Gallery plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 19.1.4.1 due to insufficient escaping on the user supplied cg_activate and cg_deactivate parameters and lack of sufficient preparation on the existing SQL query. • https://bulletin.iese.de/post/contest-gallery_19-1-4-1_10 https://wpscan.com/vulnerability/de0d7db7-f911-4f5f-97f6-885ca60822d1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2022-4151 – Contest Gallery < 19.1.5 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2022-4151
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id GET parameter before concatenating it to an SQL query in export-images-data.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database. El complemento de WordPress Contest Gallery anterior a 19.1.5.1 y el complemento de WordPress de Contest Gallery Pro anterior a 19.1.5.1 no escapan del parámetro GET option_id antes de concatenarlo a una consulta SQL en export-images-data.php. Esto puede permitir que usuarios malintencionados con al menos privilegios de autor filtren información confidencial de la base de datos del sitio. The Contest Gallery plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 19.1.4.1 due to insufficient escaping on the user supplied option_id parameter and lack of sufficient preparation on the existing SQL query. • https://bulletin.iese.de/post/contest-gallery_19-1-4-1_2 https://wpscan.com/vulnerability/e1320c2a-818d-4e91-8dc9-ba95a1dc4377 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45848 – WordPress Contest Gallery Plugin <= 13.1.0.9 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2022-45848
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress. Vulnerabilidad de Cross-Site Scripting (XSS)Almacenada No Autenticada en el complemento Contest Gallery <= 13.1.0.9 en WordPress. The Contest Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 13.1.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-13-1-0-9-unauth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36394 – WordPress Contest Gallery plugin <= 17.0.4 - Authenticated SQL Injection (SQLi) vulnerability
https://notcve.org/view.php?id=CVE-2022-36394
Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress. Una vulnerabilidad de Inyección SQL (SQLi) Autenticado (autor+) en el plugin Contest Gallery versiones anteriores a 17.0.4 incluyéndola, en WordPress. The Contest Gallery plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 17.0.4 due to insufficient escaping on the user supplied $id parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-17-0-4-authenticated-sql-injection-sqli-vulnerability https://wordpress.org/plugins/contest-gallery/#developers • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27853 – WordPress Contest Gallery plugin <= 13.1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2022-27853
Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) in Contest Gallery (WordPress plugin) <= 13.1.0.9 Una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado Autenticado (rol de autor o superior) en Contest Gallery (plugin de WordPress) versiones anteriores a 13.1.0.9 incluyéndola • https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-13-1-0-9-authenticated-stored-cross-site-scripting-xss-vulnerability https://wordpress.org/plugins/contest-gallery • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •