Cross-Site Request Forgery & SQL Injection Vulnerabilities in Unite Gallery Lite WordPress Plugin v1.4.6

July 25, 2015 007admin Leave a comment

Posted by Nitin Venkatesh on Jul 25

# Title: Cross-Site Request Forgery & SQL Injection Vulnerabilities in
Unite Gallery Lite WordPress Plugin v1.4.6
# Submitter: Nitin Venkatesh
# Product: Unite Gallery Lite WordPress Plugin
# Product URL: https://wordpress.org/plugins/unite-gallery-lite/
# Vulnerability Type: Cross-site Request Forgery [CWE-352], Improper
Neutralization of Special Elements used in an SQL Command (‘SQL
Injection’)[CWE-89]
# Affected Versions: v1.4.6…

007 Software

Cross-Site Request Forgery & SQL Injection Vulnerabilities in Unite Gallery Lite WordPress Plugin v1.4.6

Leave a Reply Cancel reply

Software and Security Information