Description Piwigo 13.6.0 is vulnerable to SQL Injection via /admin/permalinks.php. Remediation References CVE-2023-33361 Related Vulnerabilities WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.16) WordPress Plugin TextMe SMS Cross-Site Scripting (1.8.8) Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425) WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Unspecified Vulnerability (2.1.3) WordPress Plugin LearnPress-WordPress LMS SQL Injection (4.1.3.2) Severity Critical Classification CVE-2023-33361 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities