cleantalk
Vulnerabilities and Security Researches

GB Gallery Slideshow, CVE-2014-8375

CVE, Research URL

CVE-2014-8375

Home page URL

Security reports for GB Gallery Slideshow

Application

GB Gallery Slideshow

Published on
Oct 21, 2014
Research Description
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php.
Affected versions
Min -, max 1.6.
Status
vulnerable
Previous vulnerability researches
GB Gallery Slideshow (CVE-2025-32649) , Apr 18, 2025
GB Gallery Slideshow (CVE-2014-8375) , Jun 07, 2024
GB Gallery Slideshow (CVE-2025-31732) , Apr 03, 2025
New vulnerability
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025