Description

SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter.

Remediation

References

CVE-2008-0491

Related Vulnerabilities

WordPress Plugin B2BKing-Ultimate WooCommerce Wholesale and B2B Solution-Wholesale Order Form, Catalog Mode, Dynamic Pricing & More Security Bypass (4.6.00)

WordPress Other Vulnerability (CVE-2006-4743)

WordPress 4.2.2 Multiple Vulnerabilities (0.7 - 4.2.2)

WordPress Plugin WP Security Question Cross-Site Request Forgery (1.0.5)

OpenSSL Numeric Errors Vulnerability (CVE-2016-2106)

Severity

High

Classification

CVE-2008-0491 CWE-138

Tags

Missing Update Known Vulnerabilities