CVE-2022-4162

Description

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_row POST parameter before concatenating it to an SQL query in 3_row-order.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected products

Unknown / Contest Gallery0 – 19.1.5.1
Unknown / Contest Gallery Pro0 – 19.1.5.1

References

MISChttps://wpscan.com/vulnerability/011500ac-17e4-4d4f-bbd9-1fec70511776
MISChttps://bulletin.iese.de/post/contest-gallery_19-1-4-1_9