CVE-2014-5186
SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit action in the allvideogallery_videos page to wp-admin/admin.php.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0032 (0.3%)
Percentil: 54.8%
EPSS: 2026-05-06
Afecta
all_video_gallery_plugin_project:all-video-galleryDescripción técnica
SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit action in the allvideogallery_videos page to wp-admin/admin.php.
Publicada: 6/8/2014, 19:55:04
Última modificación: 6/5/2026, 22:30:45