What is GHSA-2fxf-3xpf-7mjf?

GHSA-2fxf-3xpf-7mjf is a security advisory published by GitHub Security Advisories with High severity. Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated...

Which CVE IDs does GHSA-2fxf-3xpf-7mjf cover?

GHSA-2fxf-3xpf-7mjf covers the following CVE IDs: CVE-2017-20249. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-2fxf-3xpf-7mjf?

GHSA-2fxf-3xpf-7mjf has a CVSS v3 base score of 8.2, published by GitHub Security Advisories.

GHSA-2fxf-3xpf-7mjfHighCVSS 8.2

Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated...

Vendor

GitHub Security Advisories

Published

June 9, 2026

Last Modified

June 9, 2026

🔗 CVE IDs covered (1)

CVE-2017-20249 →

📋 Description

Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive database information including user credentials and authentication hashes.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2017-20249
https://www.apptha.com
https://www.exploit-db.com/exploits/41567
https://www.vulncheck.com/advisories/wordpress-plugin-apptha-slider-gallery-sql-injection
https://github.com/advisories/GHSA-2fxf-3xpf-7mjf