CVE-2021-24915

CRITICAL EXPLOITED NUCLEI

Contest Gallery WordPress <13.1.0.6 - SQL Injection

Title source: llm

Description

The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not sanitise or escape the cg-search-user-name-original parameter before using it in a SQL statement when exporting users from a gallery, which could allow unauthenticated to perform SQL injections attacks, as well as get the list of all users registered on the blog, including their username and email address

Nuclei Templates (1)

Contest Gallery < 13.1.0.6 - SQL injection

CRITICALVERIFIEDby r3Y3r53

Shodan: http.html:/wp-content/plugins/contest-gallery/

FOFA: body=/wp-content/plugins/contest-gallery/

References (2)

[Exploit, Third Party Advisory] https://gist.github.com/tpmiller87/6c05596fe27dd6f69f1aaba4cbb9c917

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/45ee86a7-1497-4c81-98b8-9a8e5b3d4fac

Scores

CVSS v3 9.8

EPSS 0.8357

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2026-03-10

CWE

CWE-89

Status published

Products (1)

contest_gallery/contest_gallery < 13.1.0.6

Published Nov 29, 2021

Tracked Since Feb 18, 2026