Unrated severityNVD Advisory· Published Feb 2, 2015· Updated Jun 17, 2026
CVE-2015-1393
CVE-2015-1393
Description
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <1.2.11
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.