CVE Catalog

CVE-2026-57662

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Summary

SQL Injection vulnerability in the Contributor component of Contest Gallery plugin up to version 30.0.0. Allows an attacker to manipulate database queries through improperly sanitized input.

Risk Assessment

An attacker can gain unauthorized access to database data, including sensitive user information, and potentially modify or delete data.

Recommendation

Immediately update the Contest Gallery plugin to a version newer than 30.0.0, which includes a fix for the SQL injection vulnerability.

Original NVD description (English source)

Contributor SQL Injection in Contest Gallery <= 30.0.0 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS