EIP-2026-114169

PRE-CVE

WordPress Plugin Video Gallery 2.8 - SQL Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114169. PoCs published by Claudio Viviani.

AI-analyzed exploit summary This is a technical writeup detailing a SQL injection vulnerability in WordPress Video Gallery 2.8. The vulnerability arises from unsanitized input in the 'vid' parameter, allowing arbitrary SQL queries to be executed.

Description

WordPress Plugin Video Gallery 2.8 - SQL Injection

Exploits (1)

exploitdb WRITEUP
by Claudio Viviani · textwebappsphp
https://www.exploit-db.com/exploits/36751

This is a technical writeup detailing a SQL injection vulnerability in WordPress Video Gallery 2.8. The vulnerability arises from unsanitized input in the 'vid' parameter, allowing arbitrary SQL queries to be executed.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: WordPress Video Gallery 2.8
No auth needed
Prerequisites: WordPress installation with Video Gallery plugin version 2.8
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026