Skip to content
Exploit Title: WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection Google Dork: N/A Date: 2026-06-02 Exploit Author: cardosource Vendor Homepage: https://contest-gallery.com/ Software Link: https://wordpress.org/plugins/contest-gallery/ Version: <= 28.1.4 Tested on: Docker - PHP 8.2/Apache + MariaDB (WordPress Environment) CVE: 2026-3180 """ Description A Blind SQL Injection vul...