CVE-2019-14313: Changeset 2128378 – WordPress Plugin Repository

A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.
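The changeset below fixes the issue by restricting the sort column and direction to a fixed set of values before they reach the query. The following PHP is an added example written for this page, not the plugin's own code: it shows the whitelist pattern for ORDER BY identifiers (which cannot be bound as prepared-statement parameters) next to bound placeholders for the values that can be. The function names, the `$per_page` constant and the sample `$params` array are constructed for illustration; in a real WordPress plugin the placeholder binding would be done with `$wpdb->prepare()` and the LIKE escaping with `$wpdb->esc_like()`.

```php
<?php
// Added example, not code from the Photo Gallery plugin. Function names and
// sample inputs are constructed; table name and $params keys mirror the diff.

const ALLOWED_ORDERBY = ['size', 'name', 'date_modified'];
const ALLOWED_ORDER   = ['asc', 'desc'];

/**
 * Return a safe ORDER BY fragment. Column names and sort directions are SQL
 * identifiers/keywords, so they cannot be passed as bound parameters; the only
 * sound option is to map the request value onto a fixed list and fall back to
 * a default for anything else (same defaults as the changeset: date_modified, desc).
 */
function order_clause(array $params): string {
    $orderby = isset($params['orderby']) ? (string) $params['orderby'] : '';
    $order   = isset($params['order'])   ? strtolower((string) $params['order']) : '';

    // Strict in_array: no type juggling, and the request value is never echoed
    // into SQL unless it is byte-for-byte one of the allowed entries.
    if (!in_array($orderby, ALLOWED_ORDERBY, true)) {
        $orderby = 'date_modified';
    }
    if (!in_array($order, ALLOWED_ORDER, true)) {
        $order = 'desc';
    }
    return ' ORDER BY `' . $orderby . '` ' . strtoupper($order);
}

/**
 * Build the full statement. Only whitelisted identifiers and the (trusted)
 * table prefix are concatenated; user-supplied values go through placeholders.
 * Returns [sql, bindings] in PDO "?" style.
 */
function build_query(array $params, string $prefix = 'wp_'): array {
    $search   = isset($params['search']) ? (string) $params['search'] : '';
    $page_num = isset($params['page_num']) ? max(0, (int) $params['page_num']) : 0;
    $per_page = 20; // constructed page size for the example

    $sql  = 'SELECT * FROM `' . $prefix . 'bwg_file_paths`';
    $bind = [];
    if ($search !== '') {
        $sql .= ' WHERE `name` LIKE ?';
        // Escape LIKE metacharacters so a user-supplied % or _ cannot widen the match.
        $bind[] = '%' . addcslashes($search, '%_\\') . '%';
    }
    $sql   .= order_clause($params);
    $sql   .= ' LIMIT ?, ?';
    $bind[] = $page_num * $per_page;
    $bind[] = $per_page;
    return [$sql, $bind];
}

// Constructed request: an unknown sort column is replaced by the default,
// the direction is normalised, page_num is coerced to an integer and the
// search term becomes a bound value rather than part of the SQL text.
$params = [
    'orderby'  => 'not_a_column',
    'order'    => 'ASC',
    'search'   => '50%_off',
    'page_num' => '2abc',
];
[$sql, $bind] = build_query($params);
echo $sql, PHP_EOL;
print_r($bind);
```

Run with `php example.php`; the printed statement contains only `date_modified`, `ASC` and the fixed table name, while the search term and pagination values appear in the bindings array.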


Timestamp:

07/25/2019 09:33:24 AM (4 years ago)

webdorado

Message:

Fixed: security issue

Location:

photo-gallery/trunk

Files:

  • filemanager/model.php (2 diffs)
  • photo-gallery.php (2 diffs)
  • readme.txt (2 diffs)


  • photo-gallery/trunk/filemanager/model.php

    r2087021

    r2128378

50

50

        $orderby = $params\['orderby'\];

51

51

        $order = $params\['order'\];

 

52

    if ( $orderby != 'size' && $orderby != 'name' ) {

 

53

      $orderby = 'date\_modified';

 

54

    }

 

55

    if ( $order != 'asc' ) {

 

56

      $order = 'desc';

 

57

    }

52

58

        $search = $params\['search'\];

53

59

        $page\_num = $params\['page\_num'\];
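Review bot: the checks added at new lines 52-57 restrict `$orderby` to `size`, `name` or `date_modified` and `$order` to `asc`/`desc`, which is the right shape of fix for values that end up in an ORDER BY clause, since identifiers and sort keywords cannot be bound through `$wpdb->prepare()`. Two follow-ups: `$search` and `$page_num` at lines 58-59 are still copied straight from `$params` with no cast or escaping visible in this hunk, so please confirm how they reach the query (an `(int)` cast for `$page_num`, and `$wpdb->esc_like()` plus a bound placeholder for `$search`, would close that off); and the loose `!=` chains would read more clearly as a named whitelist checked with `in_array( $orderby, array( 'size', 'name', 'date_modified' ), true )`.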

…

…

 

149

155

        $orderby = $params\['orderby'\];

150

156

        $order = $params\['order'\];

 

157

    if ( $orderby != 'size' && $orderby != 'name' ) {

 

158

      $orderby = 'date\_modified';

 

159

    }

 

160

    if ( $order != 'asc' ) {

 

161

      $order = 'desc';

 

162

    }

151

163

152

164

        $query  = ' SELECT \* FROM \`' . $wpdb->prefix . 'bwg\_file\_paths\`';
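Review bot: new lines 157-162 repeat the orderby/order whitelist from lines 52-57 verbatim. Duplicated validation drifts when one copy later gains a column and the other does not; pull it into one private helper that returns the sanitised pair and call it from both places. The `$query = ' SELECT * FROM ...bwg_file_paths'` line at 164 only concatenates `$wpdb->prefix`, which is fine; the point of the change is that whatever ORDER BY is appended to it now comes from the fixed set rather than from the request.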
  • photo-gallery/trunk/photo-gallery.php

    r2120867

    r2128378

4

4

 \* Plugin URI: https://10web.io/plugins/wordpress-photo-gallery/?utm\_source=photo\_gallery&utm\_medium=free\_plugin

5

5

 \* Description: This plugin is a fully responsive gallery plugin with advanced functionality.  It allows having different image galleries for your posts and pages. You can create unlimited number of galleries, combine them into albums, and provide descriptions and tags.

6

 

 \* Version: 1.5.30

 

6

 \* Version: 1.5.31

7

7

 \* Author: Photo Gallery Team

8

8

 \* Author URI: https://10web.io/plugins/?utm\_source=photo\_gallery&utm\_medium=free\_plugin

…

…

 

85

85

    $this->plugin\_url = plugins\_url(plugin\_basename(dirname(\_\_FILE\_\_)));

86

86

    $this->main\_file = plugin\_basename(\_\_FILE\_\_);

87

 

    $this->plugin\_version = '1.5.30';

88

 

    $this->db\_version = '1.5.30';

 

87

    $this->plugin\_version = '1.5.31';

 

88

    $this->db\_version = '1.5.31';

89

89

    $this->prefix = 'bwg';

90

90

    $this->nicename = \_\_('Photo Gallery', $this->prefix);
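Review bot: `$this->db_version` is bumped to 1.5.31 together with `$this->plugin_version`, but nothing in this changeset touches the database schema. If `db_version` is what gates a database upgrade routine elsewhere in the plugin, bumping it here will run that routine on every site's first load after the update for no reason; leave it at 1.5.30 unless a schema change accompanies the fix, and document the coupling between the two constants if they are meant to move together.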
  • photo-gallery/trunk/readme.txt

    r2120867

    r2128378

4

4

Requires at least: 3.4

5

5

Tested up to: 5.2

6

 

Stable tag: 1.5.30

 

6

Stable tag: 1.5.31

7

7

License: GPLv2 or later

8

8

License URI: http://www.gnu.org/licenses/gpl-2.0.html

…

…

 

282

282

283

283

\== Changelog ==

 

284

 

285

\= 1.5.31 =

 

286

\* Fixed: Vulnerability.

284

287

285

288

\= 1.5.30 =
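Review bot: the changelog entry `* Fixed: Vulnerability.` at new line 286 says nothing about what was fixed or which deployments are affected. Site operators decide how urgently to update from this text; state the class of issue and the component (a SQL injection in the file manager's sort parameters, fixed in 1.5.31) so the upgrade can be prioritised. The commit message `Fixed: security issue` has the same problem.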
