An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress. The headers Client-Ip and X-Forwarded-For are prone to unauthenticated SQL injection. The affected file is gallery-images.php. The affected function is huge_it_image_gallery_ajax_callback().
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-21T18:26:25
Updated: 2024-08-06T03:47:34.001Z
Reserved: 2020-01-20T00:00:00
Link: CVE-2016-11018
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-01-21T19:15:12.940
Modified: 2020-02-06T20:25:25.203
Link: CVE-2016-11018
Redhat
No data.