The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin prior to 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
10web photo gallery |