CVE-2024-35750

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
Configurations

Configuration 1 (hide)

cpe:2.3:a:wpdevart:gallery:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 09:20

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 8.5
References () https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-sql-injection-vulnerability?_s_id=cve - Third Party Advisory () https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-sql-injection-vulnerability?_s_id=cve - Third Party Advisory

01 Nov 2024, 13:37

Type Values Removed Values Added
References () https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-sql-injection-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-sql-injection-vulnerability?_s_id=cve - Third Party Advisory
CPE cpe:2.3:a:wpdevart:gallery:*:*:*:*:*:wordpress:*:*
Summary
  • (es) Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en wpdevart Responsive Image Gallery, Gallery Album. Este problema afecta a Responsive Image Gallery, Gallery Album: desde n/a hasta 2.0.3.
First Time Wpdevart gallery
Wpdevart
CVSS v2 : unknown
v3 : 8.5
v2 : unknown
v3 : 8.8

08 Jun 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-08 13:15

Updated : 2024-11-21 09:20


NVD link : CVE-2024-35750

Mitre link : CVE-2024-35750

CVE.ORG link : CVE-2024-35750


JSON object : View

Products Affected

wpdevart

  • gallery
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')