CVE-2022-4162 | Contest Gallery Plugin/Contest Gallery Pro Plugin 19.1.5 on WordPress POST Parameter 3_row-order.php cg_row sql injection
A vulnerability classified as critical has been found in Contest Gallery Plugin and Contest Gallery Pro Plugin 19.1.5 on WordPress. Affected is an unknown function of the file 3_row-order.php of the component POST Parameter Handler. The manipulation of the argument cg_row leads to sql injection.
This vulnerability is traded as CVE-2022-4162. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.