CVE-2022-1281: 
WordPress vulnerability analysis and mitigation

The Photo Gallery WordPress plugin through version 1.6.3 contains an unauthenticated SQL injection vulnerability identified as CVE-2022-1281. The vulnerability was discovered by ZhongFu Su(JrXnm) of Wuhan University and was publicly disclosed on April 11, 2022. The issue affects the plugin's handling of the $POST['filtertag'] parameter, which is not properly escaped when appended to SQL queries (WPScan, CVE Mitre).

The vulnerability is classified as an SQL Injection (SQLI) vulnerability with a CVSS score of 8.6 (High). It falls under the OWASP Top 10 category A1: Injection and is identified as CWE-89. The issue occurs in the plugin's GalleryBox functionality where the filter_tag parameter is processed without proper sanitization, allowing malicious SQL queries to be injected through POST requests to wp-admin/admin-ajax.php (WPScan).

As an unauthenticated SQL injection vulnerability, this issue could allow attackers to execute arbitrary SQL queries against the WordPress database without requiring authentication. This could potentially lead to unauthorized access to sensitive data, manipulation of database contents, or compromise of the WordPress installation (WPScan).

The vulnerability has been fixed in version 1.6.3 of the Photo Gallery plugin. The fix includes proper sanitization of the filtertag parameter using arraymap('intval') function to ensure only integer values are processed (WordPress Plugin). Users are advised to update to version 1.6.3 or later to protect against this vulnerability.