Critical severity9.8NVD Advisory· Published Sep 14, 2017· Updated May 13, 2026

CVE-2017-1002028

Description

Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query.

Affected products

Angry Byte/Wordpress Gallery Transformationv5
Range: unspecified
Angrybyte/Gallery Transformation
cpe:2.3:a:angrybyte:gallery-transformation:1.0:*:*:*:*:wordpress:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.vapidlabs.com/advisory.phpnvdExploitPatchThird Party Advisory
wordpress.org/plugins/wordpress-gallery-transformation/nvdThird Party Advisory
wpvulndb.com/vulnerabilities/8888nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000