Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contest gallery contest gallery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4158
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the cg_Fields POST parameter before concatenating it to an SQL query in users-registry-check-registering-and-login.php. This may allow malicious visitors t...
Contest-gallery Contest Gallery
NA
CVE-2022-4160
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the cg_copy_id POST parameter before concatenating it to an SQL query in cg-copy-comments.php and cg-copy-rating.php. This may allow malicious users with a...
Contest-gallery Contest Gallery
NA
CVE-2022-4165
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the cg_order POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with...
Contest-gallery Contest Gallery
NA
CVE-2022-4166
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the addCountS POST parameter before concatenating it to an SQL query in 4_activate.php. This may allow malicious users with at least author privilege to le...
Contest-gallery Contest Gallery
NA
CVE-2022-4150
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the option_id POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users wit...
Contest-gallery Contest Gallery
NA
CVE-2022-4153
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the upload[] POST parameter before concatenating it to an SQL query in get-data-create-upload-v10.php. This may allow malicious users with at least author ...
Contest-gallery Contest Gallery
NA
CVE-2022-4154
The Contest Gallery Pro WordPress plugin prior to 19.1.5 does not escape the wp_user_id GET parameter before concatenating it to an SQL query in management-show-user.php. This may allow malicious users with at administrator privileges (i.e. on multisite WordPress configurations) ...
Contest-gallery Contest Gallery
NA
CVE-2022-4155
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the wp_user_id GET parameter before concatenating it to an SQL query in management-show-user.php. This may allow malicious users with administrator privile...
Contest-gallery Contest Gallery
NA
CVE-2022-4157
The Contest Gallery WordPress plugin prior to 19.1.5.1, Contest Gallery Pro WordPress plugin prior to 19.1.5.1 do not escape the cg_option_id POST parameter before concatenating it to an SQL query in export-votes-all.php. This may allow malicious users with administrator privileg...
Contest-gallery Contest Gallery
NA
CVE-2022-45848
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress.
Contest-gallery Contest Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »