EIP-2026-114169
PRE-CVEWordPress Plugin Video Gallery 2.8 - SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-114169. PoCs published by Claudio Viviani.
AI-analyzed exploit summary This is a technical writeup detailing a SQL injection vulnerability in WordPress Video Gallery 2.8. The vulnerability arises from unsanitized input in the 'vid' parameter, allowing arbitrary SQL queries to be executed.
Description
WordPress Plugin Video Gallery 2.8 - SQL Injection
Exploits (1)
exploitdb
WRITEUP
by Claudio Viviani · textwebappsphp
https://www.exploit-db.com/exploits/36751
This is a technical writeup detailing a SQL injection vulnerability in WordPress Video Gallery 2.8. The vulnerability arises from unsanitized input in the 'vid' parameter, allowing arbitrary SQL queries to be executed.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
WordPress Video Gallery 2.8
No auth needed
Prerequisites:
WordPress installation with Video Gallery plugin version 2.8
MITRE ATT&CK
mistral-large-3 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026