Security Advisory

CVE-2021-24139

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-18 14:57:49
Last updated 2024-08-03 19:21:18
Assigner WPScan
State PUBLISHED

Description

Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the frontend/models/model.php bwg_search_x parameter.