module
WordPress Photo Gallery Plugin SQL Injection (CVE-2022-0169)
| Disclosed |
|---|
| Mar 14, 2022 |
Disclosed
Mar 14, 2022
Description
The Photo Gallery by 10Web WordPress plugin unauthenticated SQL injection via the 'bwg_tag_id_bwg_thumbnails_0[]'
parameter in admin-ajax.php (action=bwg_frontend_data).
parameter in admin-ajax.php (action=bwg_frontend_data).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.