CVE-2021-24457

Name of the Vulnerable Software and Affected Versions Portfolio Responsive Gallery WordPress plugin versions prior to 1.1.8

Description The issue is related to the implementation of the get portfolios() and get portfolio attributes() functions in the Portfolio Responsive Gallery WordPress plugin. It is caused by a lack of protection against SQL query structure exploitation. This allows a remote attacker to execute arbitrary SQL code. The orderby parameter is not validated or whitelisted before being used in SQL statements, leading to SQL injection issues in the admin dashboard.

Recommendations For versions prior to 1.1.8, update to version 1.1.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the get portfolios() and get portfolio attributes() functions until a patch is available. Avoid using the orderby parameter in the affected SQL statements until the issue is resolved.