Page 8 of 77 results (0.010 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS. El plugin flickr-justified-gallery anterior a la versión de 3.4.0 para WordPress tiene XSS. The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS via several parameters. • https://wordpress.org/plugins/flickr-justified-gallery/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Remote file download vulnerability in wptf-image-gallery v1.03 Vulnerabilidad de descarga de archivo remoto en wptf-image-gallery v1.03 The wptf-image-gallery plugin for WordPress is vulnerable to Arbitrary File Downloads in versions up to, and including, 1.0.3 via the './wptf-image-gallery/lib-mbox/ajax_load.php' file. This makes it possible for unauthenticated attackers to download sensitive files from the vulnerable system. • http://www.vapidlabs.com/advisory.php?v=148 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable. El plugin Powerplay Gallery 3.3 para WordPress presenta una vulnerabilidad en el archivo Upload.php, que permite a atacantes remotos crear directorios arbitrarios a través de vectores relacionados con la variable targetDir. • http://www.openwall.com/lists/oss-security/2015/07/27/8 http://www.vapid.dhs.org/advisory.php?v=132 • CWE-264: Permissions, Privileges, and Access Controls CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 4

Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter. Vulnerabilidad de inyección SQL múltiple en upload.php en el plugin Powerplay Gallery 3.3 para WordPress, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de un parámetro (1) albumid o (2) nombre. • http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html http://seclists.org/fulldisclosure/2015/Jul/64 http://www.openwall.com/lists/oss-security/2015/07/20/1 http://www.vapid.dhs.org/advisory.php?v=132 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 84%CPEs: 1EXPL: 3

Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory. Vulnerabilidad de la subida de ficheros sin restricciones en admin/scripts/FileUploader/php.php en el plugin ReFlex Gallery anterior a 3.1.4 para WordPress permite a atacantes remotos ejecutar código PHP arbitrario mediante la subida de un fichero con una extensión PHP, posteriormente accediendo a ello a través de una solicitud directa al fichero en el directorio uploads/. • https://www.exploit-db.com/exploits/36809 http://osvdb.org/show/osvdb/88853 http://packetstormsecurity.com/files/130845 http://packetstormsecurity.com/files/131515 http://www.securityfocus.com/bid/57100 https://wordpress.org/plugins/reflex-gallery/changelog https://wpvulndb.com/vulnerabilities/7867 - • CWE-434: Unrestricted Upload of File with Dangerous Type •