EIP-2026-113928

PRE-CVE

WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113928. PoCs published by kaMtiEz.

AI-analyzed exploit summary This is a technical writeup detailing a blind SQL injection vulnerability in the WordPress NextGEN Smooth Gallery plugin version 1.2 or lower. It provides vulnerable file paths, example URLs, and basic exploitation details but lacks actual exploit code.

Description

WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection

Exploits (1)

exploitdb WRITEUP

by kaMtiEz · textwebappsphp

https://www.exploit-db.com/exploits/14541

View Code ZIP pw:eip

This is a technical writeup detailing a blind SQL injection vulnerability in the WordPress NextGEN Smooth Gallery plugin version 1.2 or lower. It provides vulnerable file paths, example URLs, and basic exploitation details but lacks actual exploit code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Moderate

Reliability

Theoretical

Target: WordPress NextGEN Smooth Gallery plugin v1.2 or lower

No auth needed

Prerequisites: Target running vulnerable WordPress plugin · Access to the vulnerable endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026