CVE-2026-8912 | contest-gallery Contest Gallery Plugin up to 28.1.6 on WordPress Endpoint users-upload-check.php f_input_id sql injection

A vulnerability, which was classified as critical, was found in contest-gallery Contest Gallery Plugin up to 28.1.6 on WordPress. Affected by this issue is some unknown functionality of the file users-upload-check.php of the component Endpoint. Executing a manipulation of the argument f_input_id can lead to sql injection.

This vulnerability appears as CVE-2026-8912. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More