PT-2021-16365 · WordPress · Contest Gallery

Tyler Miller · Published 2021-11-29 · Updated 2021-12-15 · CVE-2021-24915

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Contest Gallery WordPress plugin versions prior to 13.1.0.6
Description: The issue allows unauthenticated attackers to perform SQL injection attacks and obtain a list of all users registered on the blog, including their username and email address. This is due to the lack of capability checks and the failure to sanitise or escape the cg-search-user-name-original parameter before using it in a SQL statement when exporting users from a gallery.
Recommendations: For versions prior to 13.1.0.6, update to version 13.1.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the user export functionality in the Contest Gallery plugin to minimize the risk of exploitation. Avoid using the cg-search-user-name-original parameter in the affected API endpoint until the issue is resolved.
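
A defender-side check for the issue described above, added here as an example (not code from the plugin or this advisory): it scans web access logs for requests carrying cg-search-user-name-original and flags values containing SQL metacharacters. It assumes the combined log format and that the parameter arrives in the query string; the request path and the log lines are constructed placeholders.

```python
import re
from urllib.parse import urlsplit, parse_qs

PARAM = "cg-search-user-name-original"  # parameter named in the advisory

# Assumption: Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Quotes, statement/comment markers and SQL keywords have no place in a
# user-name search term, so their presence marks the request as suspicious.
SQL_HINT = re.compile(r"""['"`;]|--|/\*|\b(?:union|select|sleep|benchmark)\b""", re.I)

# Constructed sample lines; "/placeholder-export" is a placeholder path,
# the advisory does not name the affected endpoint.
SAMPLE = [
    '192.0.2.10 - - [29/Nov/2021:10:00:01 +0000] '
    '"GET /placeholder-export?cg-search-user-name-original=alice HTTP/1.1" 200 512',
    '198.51.100.7 - - [29/Nov/2021:10:00:05 +0000] '
    '"GET /placeholder-export?cg-search-user-name-original=x%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9120',
    '203.0.113.4 - - [29/Nov/2021:10:00:09 +0000] '
    '"GET /index.php?s=gallery HTTP/1.1" 200 3000',
]


def classify(line):
    """Return None if the request lacks PARAM, else (ip, verdict, decoded value)."""
    m = LOG_RE.match(line)
    if not m:
        return None
    query = urlsplit(m["target"]).query
    values = parse_qs(query, keep_blank_values=True).get(PARAM)
    if values is None:
        return None
    value = values[0]  # parse_qs has already percent-decoded the value
    # Any use of the parameter deserves review while unpatched; SQL syntax escalates it.
    verdict = "suspicious" if SQL_HINT.search(value) else "review"
    return m["ip"], verdict, value


def scan(lines):
    """Classify every line and keep only the requests that carry PARAM."""
    return [hit for hit in map(classify, lines) if hit]


if __name__ == "__main__":
    for ip, verdict, value in scan(SAMPLE):
        print(f"{verdict:10} {ip:15} {value!r}")
```

If the parameter is sent in a POST body it will not appear in access logs, so the same check would have to run where request bodies are visible, such as a WAF or reverse-proxy log.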

Exploit

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2021-24915

Affected Products

Contest Gallery