// For flags

CVE-2014-5460

Slideshow Gallery < 1.4.7 - Arbitrary File Upload

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

7
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/.

Vulnerabilidad de la subida de ficheros sin restricciones en el plugin Tribulant Slideshow Gallery anterior a 1.4.7 para WordPress permite a usuarios remotos autenticados ejecutar código arbitrario mediante la subida de un fichero PHP, posteriormente accediendo a ello a través de una solicitud directa al fichero en wp-content/uploads/slideshow-gallery/.

The WordPress SlideShow Gallery plugin contains an authenticated file upload vulnerability. You can upload arbitrary files to the upload folder, because the plugin also uses it's own file upload mechanism instead of the WordPress API it's possible to upload any file type.

*Credits: Jesús Ramírez Pichardo
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-08-26 CVE Reserved
  • 2014-08-29 CVE Published
  • 2014-09-01 First Exploit
  • 2024-08-06 CVE Updated
  • 2024-10-28 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
  • CWE-434: Unrestricted Upload of File with Dangerous Type
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tribulant
Search vendor "Tribulant"
 Tibulant Slideshow Gallery
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery"
 <= 1.4.6
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery" and version " <= 1.4.6"
wordpress
Affected
Tribulant
Search vendor "Tribulant"
 Tibulant Slideshow Gallery
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery"
 1.4
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery" and version "1.4"
wordpress
Affected
Tribulant
Search vendor "Tribulant"
 Tibulant Slideshow Gallery
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery"
 1.4.1
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery" and version "1.4.1"
wordpress
Affected
Tribulant
Search vendor "Tribulant"
 Tibulant Slideshow Gallery
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery"
 1.4.2
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery" and version "1.4.2"
wordpress
Affected
Tribulant
Search vendor "Tribulant"
 Tibulant Slideshow Gallery
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery"
 1.4.3
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery" and version "1.4.3"
wordpress
Affected
Tribulant
Search vendor "Tribulant"
 Tibulant Slideshow Gallery
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery"
 1.4.4
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery" and version "1.4.4"
wordpress
Affected
Tribulant
Search vendor "Tribulant"
 Tibulant Slideshow Gallery
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery"
 1.4.5
Search vendor "Tribulant" for product "Tibulant Slideshow Gallery" and version "1.4.5"
wordpress
Affected