PT-2022-23351 · WordPress · Contest Gallery

Minhtuanact +1 · Published 2022-08-23 · Updated 2022-08-25 · CVE-2022-36394

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Contest Gallery plugin versions <= 17.0.4

Description: The issue is an authenticated SQL injection vulnerability affecting the Contest Gallery plugin for WordPress. It allows SQL injection attacks when an attacker has author or higher privileges.

Recommendations: For versions <= 17.0.4, update to a version higher than 17.0.4 to resolve the issue. As a temporary workaround, consider restricting access to the plugin's database interactions until a patch is available.

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2022-36394

Affected Products: Contest Gallery