| Vendor | Product | Affected Versions | CPE |
|---|---|---|---|
| Unknown | Photo Gallery by 10Web – Mobile-Friendly Image Gallery | 1.6.0 ~ 1.6.0 | - |

| # | POC Description | Source Link |
|---|---|---|
| 1 | The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-0169.yaml |
| 2 | CVE-2022-0169 - WordPress Photo Gallery SQLi PoC | https://github.com/X3RX3SSec/CVE-2022-0169 |

| CVE | Title |
|---|---|
| CVE-2022-0658 | CommonsBooking < 2.6.8 - Unauthenticated SQL Injection |
| CVE-2022-0321 | WP Voting Contest < 3.0 - Reflected Cross-Site Scripting |
| CVE-2022-0327 | Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting |
| CVE-2022-0399 | Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site Scripting |
| CVE-2022-0449 | Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting |
| CVE-2022-0478 | Event Manager for WooCommerce < 3.5.8 - Contributor+ SQL Injection |
| CVE-2022-0503 | Multisite Content Copier/Updater < 2.1.2 - Reflected Cross-Site Scripting |
| CVE-2022-0593 | Login with phone number < 1.3.7 - Unauthenticated remote plugin deletion |
| CVE-2022-0601 | Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting |
| CVE-2022-0648 | Team Circle Image Slider With Lightbox < 1.0.16 - Reflected Cross-Site Scripting |
| CVE-2022-0254 | Zero Spam < 5.2.11 - Admin+ SQL Injection |
| CVE-2022-0659 | Sync iCloud COS < 2.0.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0674 | Kunze Law < 2.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0684 | WP Home Page Menu < 3.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0700 | Simple Theme Options < 1.7 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0701 | SEO 301 Meta <= 1.9.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0702 | Petfinder Listings <= 1.0.18 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-0703 | GD Mylist <= 1.1.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-22734 | Simple Quotation <= 1.3.2 - Quote Creation/Edition via CSRF to Stored Cross-Site Scripting |
| CVE-2022-22735 | Simple Quotation <= 1.3.2 - Subscriber+ SQL injection |

Showing top 20 of 41 CVEs.