[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fV9Kxp1SqT6ySR6G-ARjDtFWlGMKrutJw52IHiLFEWnA":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-5875a4c2-a309-41fb-8845-2935511ec6c0-ungallery","ungallery-command-injection","UnGallery \u003C 2.1.6 - Command Injection","The UnGallery plugin for WordPress is vulnerable to Command Injection in versions before 2.1.6 via the 'search' parameter. This makes it possible for unauthenticated attackers to execute arbitrary commands on the server.","ungallery",null,"\u003C2.1.6","2.1.6","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Generation of Code ('Code Injection')","2012-10-23 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5875a4c2-a309-41fb-8845-2935511ec6c0?source=api-prod",4109]