cleantalk
Vulnerabilities and Security Researches

Photo Gallery by 10Web – Mobile-Friendly Image Gallery, CVE-2015-1393

CVE, Research URL

CVE-2015-1393

Home page URL

Security reports for Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Application

Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Published on
Feb 02, 2015
Research Description
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
Affected versions
Min -, max 1.2.11.
Status
vulnerable
Previous vulnerability researches
Social Photo Gallery (CVE-2019-14467) , Jun 06, 2024
Photo Gallery ( Responsive ) (CVE-2025-27276) , Feb 26, 2025
Image Gallery – Responsive Photo Gallery (CVE-2025-24697) , Feb 05, 2025
Image Gallery – Responsive Photo Gallery (CVE-2024-12403) , Jan 16, 2025
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 (CVE-2023-1427) , Jun 06, 2024
New vulnerability
Simple Social Media Share Buttons – Social Sharing for Everyone (CVE-2024-13610) , Apr 17, 2025
Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages (CVE-2025-32929) , Apr 17, 2025
Email Notifications for Updates (CVE-2025-26741) , Apr 17, 2025
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor (CVE-2025-2314) , Apr 17, 2025
hockeydata LOS (CVE-2025-26889) , Apr 17, 2025