HTTP: WordPress 10Web Photo Gallery SQL Injection
This signature detects attempts to exploit a known vulnerability against WordPress 10Web Photo Gallery. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection
Affected Products
10web photo_gallery
References
CVE: CVE-2022-1281
URL: https://en-ca.wordpress.org/plugins/photo-gallery/#developers https://drive.google.com/file/d/1W93XUz5qvWjB27Rn-9L9bIwpBXa2OFNJ/view?usp=sharing https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c https://wpscan.com/vulnerability/2b4866f2-f511-41c6-8135-cf1e0263d8de
Short Name
HTTP:SQL:INJ:WP-10WEBPG-SQL-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
10Web CVE-2022-0169 CVE-2022-1281 Gallery Injection Photo SQL WordPress
Release Date
06/23/2020
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
10web
CVSS Score
7.5