CVE-2016-10940

CVE-2016-10940

The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.

Source: CVE-2016-10940