cleantalk
Vulnerabilities and Security Researches

Photo Gallery by 10Web – Mobile-Friendly Image Gallery, CVE-2017-12977

CVE, Research URL

CVE-2017-12977

Home page URL

Security reports for Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Application

Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Published on
Aug 21, 2017
Research Description
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
Affected versions
Min -, max 1.3.51.
Status
vulnerable
Previous vulnerability researches
Social Photo Gallery (CVE-2019-14467) , Jun 06, 2024
Photo Gallery ( Responsive ) (CVE-2025-27276) , Feb 26, 2025
Image Gallery – Responsive Photo Gallery (CVE-2025-24697) , Feb 05, 2025
Image Gallery – Responsive Photo Gallery (CVE-2024-12403) , Jan 16, 2025
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 (CVE-2023-1427) , Jun 06, 2024
New vulnerability
Simple Social Media Share Buttons – Social Sharing for Everyone (CVE-2024-13610) , Apr 17, 2025
Barcode Generator for WooCommerce – Show barcodes on products, orders, invoices and other pages (CVE-2025-32929) , Apr 17, 2025
Email Notifications for Updates (CVE-2025-26741) , Apr 17, 2025
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor (CVE-2025-2314) , Apr 17, 2025
hockeydata LOS (CVE-2025-26889) , Apr 17, 2025