SQL Injection Vulnerability in Apptha WordPress Video Gallery by Contus
CVE-2014-9097

Currently unrated

Key Information:

Vendor: Wordpress
Status: Contus Video Gallery
Vendor: CVE Published:; 26 November 2014

Summary

The Apptha Video Gallery plugin version 2.5 for WordPress contains multiple SQL injection vulnerabilities that could be exploited by remote attackers. These weaknesses allow unauthorized users to execute arbitrary SQL commands through various parameters such as 'vid', 'playlistId', or 'videoId'. Exploiting these vulnerabilities could lead to unauthorized access to sensitive database information, potentially compromising the integrity and confidentiality of the affected WordPress installations.

References

http://packetstormsecurity.com/files/127611/WordPress-Vid...

x_refsource_MISC

http://wordpress.org/plugins/contus-video-gallery/changelog

x_refsource_MISC

http://www.securityfocus.com/bid/68883

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 26, 2014