EIP-2026-113940
PRE-CVEWordPress Plugin oQey Gallery 0.4.8 - SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113940. PoCs published by Miroslav Stampar.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in the WordPress oQey Gallery plugin (version <= 0.4.8) due to improper sanitization of the 'gal_id' parameter. The PoC leverages a UNION-based SQLi to extract database information, including version, current user, and database name.
Description
WordPress Plugin oQey Gallery 0.4.8 - SQL Injection
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in the WordPress oQey Gallery plugin (version <= 0.4.8) due to improper sanitization of the 'gal_id' parameter. The PoC leverages a UNION-based SQLi to extract database information, including version, current user, and database name.