CVE-2025-28969
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cybio Gallery Widget gallery-widget allows SQL Injection. This issue affects Gallery Widget: from n/a through <= 1.2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SQL Injection in Gallery Widget plugin ≤ 1.2.1 allows unauthenticated attackers to execute arbitrary SQL commands, enabling database compromise.
Overview
The Gallery Widget plugin for WordPress (versions through 1.2.1) contains a SQL injection vulnerability due to improper neutralization of special elements used in an SQL command. The flaw exists in the gallery-widget component and allows attackers to inject malicious SQL statements.
Attack Vector
The vulnerability is remotely exploitable without authentication. An attacker can send crafted HTTP requests to vulnerable WordPress sites running an affected version. The plugin fails to sanitize user-supplied input before constructing SQL queries, enabling the injection.
Impact
Successful exploitation permits unauthorized interaction with the WordPress database. An attacker could extract sensitive data (e.g., user credentials, private content), modify database contents, or execute administrative operations. The CVSS score of 8.5 indicates high severity, and Patchstack reports that such vulnerabilities are actively used in mass-exploit campaigns targeting thousands of sites [1].
Mitigation
The plugin vendor has not released a patched version. Site owners should update immediately if a newer release becomes available; otherwise, they should remove the plugin entirely. If neither is possible, site owners should consult their hosting provider for temporary security measures [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References: 1
News mentions: 0
No linked articles in our index yet.