CVE-2018-17946 – Slideshow Gallery <= 1.6.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-17946
The Tribulant Slideshow Gallery plugin for WordPress has reflected cross-site scripting via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter: the value of each parameter is written into the page without output encoding, so a crafted link executes attacker-supplied script in the browser of whoever opens it. The affected range is stated inconsistently in the source descriptions: the NVD text says versions before 1.6.6.1, while an older description (matching the title above, <= 1.6.5) says versions before 1.6.6. Treat any version below 1.6.6.1 as affected unless you have confirmed the fix in the installed build.
• References: http://www.defensecode.com/advisories/DC-2017-01-014_WordPress_Tribulant_Slideshow_Gallery_Plugin_Advisory.pdf ; https://wordpress.org/plugins/slideshow-gallery/#developers
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
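The practical check for this kind of finding is to send each named parameter a marker containing a quote and angle brackets and see whether the page echoes it raw or encoded. The script below is an added example, not code from the Slideshow Gallery plugin or from this advisory. The advisory does not name the vulnerable page, so the URL is an assumption you supply; `fake_fetch` is a constructed stand-in for a WordPress response so the logic runs offline, and `live_fetch` is the real fetch for an instance you are authorized to test.

```python
"""Reflected-XSS probe for the parameters named in CVE-2018-17946.

Added example, not code from the Slideshow Gallery plugin or from this
advisory. It assumes a page URL you supply (the advisory does not name the
vulnerable endpoint) and a fetch function; fake_fetch is a constructed
stand-in so the logic can be run and checked offline.
"""
import html
import secrets
import urllib.request
from typing import Callable, Dict, Iterable, Tuple
from urllib.parse import parse_qsl, urlencode, urlparse, urlunparse

# Parameters listed in the CVE description.
PARAMS: Tuple[str, ...] = ("id", "method", "Gallerymessage", "Galleryerror", "Galleryupdated")


def build_probe(base_url: str, param: str, marker: str) -> Tuple[str, str]:
    """Add param=payload to base_url, preserving its existing query string.

    The payload holds a quote and angle brackets, so a page that encodes
    output must rewrite it (&quot;&gt;&lt;...) while a vulnerable page
    echoes it verbatim.
    """
    payload = f'"><{marker}>'
    parts = urlparse(base_url)
    query = dict(parse_qsl(parts.query, keep_blank_values=True))
    query[param] = payload
    return urlunparse(parts._replace(query=urlencode(query))), payload


def classify(body: str, payload: str) -> str:
    """Decide how the response handled the payload."""
    if payload in body:
        return "reflected-unescaped"      # reached HTML context unencoded: XSS
    if html.escape(payload, quote=True) in body:
        return "reflected-escaped"        # output encoding is in place
    return "not-reflected"


def probe(fetch: Callable[[str], str], base_url: str,
          params: Iterable[str] = PARAMS) -> Dict[str, str]:
    """Probe each parameter with a fresh random marker and classify the echo."""
    results: Dict[str, str] = {}
    for param in params:
        url, payload = build_probe(base_url, param, "xss" + secrets.token_hex(4))
        results[param] = classify(fetch(url), payload)
    return results


def live_fetch(url: str, cookie: str = "", timeout: float = 10.0) -> str:
    """Real fetch for an instance you are authorized to test. Pass a logged-in
    WordPress session cookie if the target page lives under wp-admin."""
    req = urllib.request.Request(url, headers={"Cookie": cookie} if cookie else {})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


def fake_fetch(url: str) -> str:
    """Constructed stand-in for a plugin page: echoes `id` unencoded (the
    vulnerable pattern), `method` through HTML encoding (the fixed pattern),
    and ignores the other parameters."""
    q = dict(parse_qsl(urlparse(url).query, keep_blank_values=True))
    page = "<h1>Slideshow Gallery</h1>"
    if "id" in q:
        page += f'<input name="id" value="{q["id"]}">'
    if "method" in q:
        page += f'<input name="method" value="{html.escape(q["method"], quote=True)}">'
    return page


if __name__ == "__main__":
    # Assumed URL for illustration only; the endpoint is not given in the advisory.
    target = "http://localhost/wp-admin/admin.php?page=slideshow-gallery"
    for name, verdict in probe(fake_fetch, target).items():
        print(f"{name:15s} {verdict}")
```

Swap `fake_fetch` for `live_fetch` (with a session cookie if the page is admin-only) to run it against a real install. A `reflected-escaped` verdict is the expected result on a fixed version; `not-reflected` only means that page does not use the parameter, not that the parameter is safe elsewhere.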
CVE-2014-5460 – Slideshow Gallery < 1.4.7 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2014-5460
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file and then requesting it directly from wp-content/uploads/slideshow-gallery/. The plugin implements its own upload handler instead of going through the WordPress media API, so the file type is never checked and any file, including PHP, lands in the upload folder. Because that folder is served directly by the web server, the uploaded file runs as soon as it is requested, which is why the public exploits for 1.4.6 are straightforward shell uploads. Authentication is required, but only at the level needed to reach the plugin's upload function, so any account that can manage galleries is sufficient.
• References: https://www.exploit-db.com/exploits/34681 ; https://www.exploit-db.com/exploits/34514 ; https://github.com/brookeses69/CVE-2014-5460 ; http://packetstormsecurity.com/files/128069/WordPress-Slideshow-Gallery-1.4.6-Shell-Upload.html ; http://secunia.com/advisories/60074 ; http://whitexploit.blogspot.mx/2014/08/wordpress-slideshow-gallery-146-shell.html ; http://www.securityfocus.com/archive/1/533281/100/0/threaded
• CWE-20: Improper Input Validation ; CWE-434: Unrestricted Upload of File with Dangerous Type
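Because exploitation ends with a direct request to a PHP file in the upload directory, the access log is the natural place to look for it after the fact. The script below is an added example, not code from the plugin, the exploits or this listing. It assumes Apache/nginx combined log format and the upload path named in the CVE; the SAMPLE_LOG lines are constructed for the demonstration.

```python
"""Flag direct requests to executable files under the Slideshow Gallery
upload directory in web server access logs.

Added example, not code from the plugin, the exploits or this listing.
It assumes Apache/nginx combined log format and the upload path named in
CVE-2014-5460; SAMPLE_LOG is constructed for the demonstration.
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List
from urllib.parse import unquote

UPLOAD_DIR = "/wp-content/uploads/slideshow-gallery/"
# Extensions that common PHP handler configurations execute. No request for
# these should ever legitimately hit an image-upload directory.
EXEC_EXTS = (".php", ".php3", ".php4", ".php5", ".php7", ".phtml", ".phar")

# Combined log format: ip ident user [time] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)


@dataclass
class Hit:
    ip: str
    ts: str
    method: str
    path: str
    status: int


def is_exec_in_uploads(raw_path: str) -> bool:
    """True if the percent-decoded, query-stripped, case-folded path names an
    executable file inside UPLOAD_DIR."""
    path = unquote(raw_path.split("?", 1)[0]).lower()
    return path.startswith(UPLOAD_DIR) and path.endswith(EXEC_EXTS)


def find_hits(lines: Iterable[str]) -> List[Hit]:
    """Return every log line that requests an executable file in the upload
    directory. A 404 is kept too: it still shows someone probing for a shell."""
    hits: List[Hit] = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_exec_in_uploads(m["path"]):
            hits.append(Hit(m["ip"], m["ts"], m["method"], m["path"], int(m["status"])))
    return hits


def by_source(hits: Iterable[Hit]) -> Dict[str, int]:
    """Count flagged requests per client address to spot the operator quickly."""
    counts: Dict[str, int] = {}
    for h in hits:
        counts[h.ip] = counts.get(h.ip, 0) + 1
    return counts


# Constructed sample: one image fetch, one live webshell call, one case-mangled
# retry that 404s, ordinary site traffic, and a malformed line to be skipped.
SAMPLE_LOG = """\
203.0.113.5 - - [22/Aug/2014:10:12:01 +0000] "GET /wp-content/uploads/slideshow-gallery/banner.jpg HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
203.0.113.9 - - [22/Aug/2014:10:15:52 +0000] "GET /wp-content/uploads/slideshow-gallery/shell.php?cmd=id HTTP/1.1" 200 91 "-" "curl/7.35.0"
203.0.113.9 - - [22/Aug/2014:10:16:03 +0000] "GET /wp-content/uploads/slideshow-gallery/SHELL.PHP HTTP/1.1" 404 209 "-" "curl/7.35.0"
198.51.100.2 - - [22/Aug/2014:10:20:00 +0000] "GET /wp-includes/js/jquery/jquery.js HTTP/1.1" 200 95786 "-" "Mozilla/5.0"
this line is not in combined log format and is skipped
"""


if __name__ == "__main__":
    hits = find_hits(SAMPLE_LOG.splitlines())
    for h in hits:
        print(f"{h.ts} {h.ip} {h.method} {h.path} -> {h.status}")
    print(by_source(hits))
```

Run it over `access.log` with `find_hits(open(path))`. The same rule works as a standing detection, and the matching hardening step, independent of the plugin fix, is to deny PHP execution under wp-content/uploads at the web server (for Apache, an .htaccess in uploads with `<FilesMatch "\.php$"> Require all denied </FilesMatch>`; for nginx, a `location` block matching `/wp-content/uploads/.*\.php$` that returns 403), so a file that slips past an upload handler cannot run.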