CVE-2018-5981

Name of the Vulnerable Software and Affected Versions: Gallery WD version 1.3.6

Description: A SQL Injection issue exists in the Gallery WD component for Joomla!, which can be exploited via the tag id parameter or the gallery id parameter.

Recommendations: For Gallery WD version 1.3.6, avoid using the tag id and gallery id parameters in affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.