RSS   Vulnerabilities for 'Unite gallery lite'   RSS

2019-09-26
 
CVE-2015-9447

CWE-352
 
 
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin.php galleryid or id parameters.

 
 
CVE-2015-9446

CWE-89
 
 
The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php.

 
 
CVE-2015-9445

CWE-352
 
 
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation.

 

Copyright 2024, cxsecurity.com

 

Back to Top