Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection.
This issue affects Photo Gallery by 10Web: from n/a through 1.8.41.
AnalysisAI
Blind SQL injection in the Photo Gallery by 10Web WordPress plugin (versions up to and including 1.8.41) allows high-privileged authenticated users to inject crafted SQL fragments into a vulnerable query, exfiltrate database contents, and affect availability. CVSS 7.6 (Scope:Changed) reflects the cross-component impact possible from a successful injection within the WordPress database context. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Technical ContextAI
The flaw is a CWE-89 (Improper Neutralization of Special Elements used in an SQL Command) defect in the Photo Gallery by 10Web plugin, identified by CPE cpe:2.3:a:10web:photo_gallery_by_10web. The plugin embeds user-controllable input into a SQL statement without sufficient sanitization or parameterization, and because the response does not directly echo query results, exploitation is 'blind' - attackers infer data through time-based or boolean-based side channels. The vulnerable code path is reachable only after authenticating to WordPress with elevated permissions, indicating the affected endpoint is gated behind an admin-area or capability-restricted handler typical of WordPress plugin AJAX/admin actions.
RemediationAI
Patch status from available data: Patch available per vendor advisory - upgrade Photo Gallery by 10Web to the version released after 1.8.41 as published by the vendor and tracked on the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/photo-gallery/vulnerability/wordpress-photo-gallery-by-10web-plugin-1-8-41-sql-injection-vulnerability; the exact fixed release number was not included in the input data and should be confirmed against the plugin's changelog on wordpress.org before deploying. Until the update is applied, compensating controls include deactivating the Photo Gallery plugin (trade-off: removes gallery functionality from the site), tightly restricting which accounts hold administrator or editor-equivalent roles required to reach the vulnerable endpoint, and placing the WordPress admin area behind a Web Application Firewall ruleset that inspects plugin AJAX/admin requests for SQL metacharacters (trade-off: WAF rules may produce false positives on legitimate gallery management). Enable database query logging or a Patchstack/Wordfence virtual-patch subscription as an interim detection layer.
More in Photo Gallery By 10web
View allSame weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34240
GHSA-v23c-9h67-3h55