Authenticated SQL Injection (SQLi) vulnerability discovered by Nguy Minh Tuan (Patchstack Alliance) in WordPress Contest Gallery plugin (versions <= 17.0.4).
Update the WordPress Contest Gallery plugin to the latest available version (at least 17.0.5).