PT-2022-7047 · 10Web · The Photo Gallery

Krzysztof Zając · Published 2022-02-04 · Updated 2022-03-21 · CVE-2022-0169

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

The Photo Gallery by 10Web WordPress plugin, versions prior to 1.6.0.

Description

The issue is caused by missing validation and escaping of the bwg_tag_id_bwg_thumbnails_0 parameter before it is used in SQL statements. The parameter is reachable through the /wp-admin/admin-ajax.php endpoint via the bwg_frontend_data AJAX action. The result is SQL injection that allows a remote attacker to execute arbitrary SQL code. The vulnerability can be exploited by both unauthenticated and authenticated users.

Recommendations

For versions prior to 1.6.0, update to version 1.6.0 or later. As a temporary workaround, restrict access to the bwg_frontend_data AJAX action to reduce the risk of exploitation, and avoid using the bwg_tag_id_bwg_thumbnails_0 parameter on the affected AJAX endpoint until the update is applied.
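As an added example, not part of this advisory or of the plugin's code: a Python check that scans web-server access log lines for requests to the bwg_frontend_data AJAX action whose bwg_tag_id_bwg_thumbnails_0 value is not a plain integer. The log lines are constructed, and the expectation that the parameter is numeric is an assumption drawn from its name.

```python
import re
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import parse_qs, urlsplit

# Endpoint, AJAX action and parameter named in the advisory.
AJAX_PATH = "/wp-admin/admin-ajax.php"
AJAX_ACTION = "bwg_frontend_data"
TAG_PARAM = "bwg_tag_id_bwg_thumbnails_0"

# Combined log format: client, then the quoted request line holding method and target.
REQUEST_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)

# Constructed sample log lines (RFC 5737 addresses), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [04/Feb/2022:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=bwg_frontend_data&bwg_tag_id_bwg_thumbnails_0=12 HTTP/1.1" 200 512
203.0.113.7 - - [04/Feb/2022:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=bwg_frontend_data&bwg_tag_id_bwg_thumbnails_0=12%27 HTTP/1.1" 200 9800
203.0.113.9 - - [04/Feb/2022:10:00:03 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 40
198.51.100.2 - - [04/Feb/2022:10:00:04 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 120
"""

@dataclass
class Finding:
    client: str
    method: str
    value: str  # decoded parameter value as received

def inspect_line(line: str) -> Optional[Finding]:
    """Flag a bwg_frontend_data request whose tag id is not a plain integer."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not url.path.endswith(AJAX_PATH):
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # values come back as lists
    if params.get("action", [""])[0] != AJAX_ACTION:
        return None
    values = params.get(TAG_PARAM)
    if not values or re.fullmatch(r"\d+", values[0]):
        # Parameter absent, or an integer as its name suggests (assumption): nothing to flag.
        # POST bodies are not in the access log, so body parameters need app-level logging.
        return None
    return Finding(m.group("client"), m.group("method"), values[0])

def scan(log_text: str) -> List[Finding]:
    return [f for f in map(inspect_line, log_text.splitlines()) if f is not None]
```

Requests that carry the action and parameter in a POST body will not appear in this scan, which is why the comment points to application-level logging for those.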

SQL injection

Related Identifiers

BDU:2023-07223
CVE-2022-0169

Affected Products

The Photo Gallery