Exploit Title: WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection
Google Dork: N/A
Date: 2026-06-02
Exploit Author: cardosource
Vendor Homepage: https://contest-gallery.com/
Software Link: https://wordpress.org/plugins/contest-gallery/
Version: <= 28.1.4
Tested on: Docker - PHP 8.2/Apache + MariaDB (WordPress Environment)
CVE: 2026-3180
"""
Description
A Blind SQL Injection vul...
