CVE-2022-0826

Name of the Vulnerable Software and Affected Versions WP Video Gallery WordPress plugin versions 1.7.1 and earlier

Description The issue is related to SQL Injection, where the plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action. This can be exploited by unauthenticated users.

Recommendations For WP Video Gallery WordPress plugin versions 1.7.1 and earlier, update to a version later than 1.7.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.