Description

SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter.

Remediation

References

CVE-2008-0491

Related Vulnerabilities

WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)

WordPress Plugin Adminer Multiple Cross-Site Scripting Vulnerabilities (1.4.3)

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.13)

Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2023-33949)

WordPress Plugin Radio Buttons for Taxonomies Cross-Site Request Forgery (2.0.5)

Severity

High

Classification

CVE-2008-0491 CWE-138

Tags

Missing Update Known Vulnerabilities