SQL Injection Vulnerability in Apptha WordPress Video Gallery by Contus
CVE-2014-9097

Currently unrated

Key Information:

Vendor: Wordpress
Status: Contus Video Gallery
Vendor: CVE Published:; 26 November 2014

What is CVE-2014-9097?

The Apptha Video Gallery plugin version 2.5 for WordPress contains multiple SQL injection vulnerabilities that could be exploited by remote attackers. These weaknesses allow unauthorized users to execute arbitrary SQL commands through various parameters such as 'vid', 'playlistId', or 'videoId'. Exploiting these vulnerabilities could lead to unauthorized access to sensitive database information, potentially compromising the integrity and confidentiality of the affected WordPress installations.

References

http://packetstormsecurity.com/files/127611/WordPress-Vid...

x_refsource_MISC

http://wordpress.org/plugins/contus-video-gallery/changelog

x_refsource_MISC

http://www.securityfocus.com/bid/68883

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 26, 2014

Wordpress

What is CVE-2014-9097?

References

Timeline