Lucene search
+L

CVE-2014-2558

🗓️ 06 May 2014 14:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 38 Views🌐 WEB

File Gallery plugin allows remote administrators to execute arbitrary PHP code via setting field

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
cvelist
CVE-2014-2558
6 May 201414:00
cvelist
euvd
EUVD-2014-2593
7 Oct 202500:30
euvd
nvd
CVE-2014-2558
6 May 201414:55
nvd
patchstack
WordPress File Gallery Plugin <= 1.7.9.1 - Arbitrary Code Execution
19 Mar 201400:00
patchstack
prion
Design/Logic Flaw
6 May 201414:55
prion
wpvulndb
File Gallery 1.7.9 - Settings Page create_function Function Remote Comm& Execution
1 Aug 201410:59
wpvulndb
NVD
Node
OR
skyphefile-galleryRange1.7.9wordpress
skyphefile-galleryMatch1.1wordpress
skyphefile-galleryMatch1.2wordpress
skyphefile-galleryMatch1.3wordpress
skyphefile-galleryMatch1.4wordpress
skyphefile-galleryMatch1.5wordpress
skyphefile-galleryMatch1.5awordpress
skyphefile-galleryMatch1.5bwordpress
skyphefile-galleryMatch1.5b2wordpress
skyphefile-galleryMatch1.5b3wordpress
skyphefile-galleryMatch1.5rc1wordpress
skyphefile-galleryMatch1.5.1wordpress
skyphefile-galleryMatch1.5.2wordpress
skyphefile-galleryMatch1.5.3wordpress
skyphefile-galleryMatch1.5.4wordpress
skyphefile-galleryMatch1.5.5wordpress
skyphefile-galleryMatch1.5.6wordpress
skyphefile-galleryMatch1.5.7wordpress
skyphefile-galleryMatch1.5.8-wordpress
skyphefile-galleryMatch1.5.8b1wordpress
skyphefile-galleryMatch1.5.8b2wordpress
skyphefile-galleryMatch1.5.9wordpress
skyphefile-galleryMatch1.6wordpress
skyphefile-galleryMatch1.6.0.1wordpress
skyphefile-galleryMatch1.6.2wordpress
skyphefile-galleryMatch1.6.3wordpress
skyphefile-galleryMatch1.6.4wordpress
skyphefile-galleryMatch1.6.4.1wordpress
skyphefile-galleryMatch1.6.5wordpress
skyphefile-galleryMatch1.6.5.1wordpress
skyphefile-galleryMatch1.6.5.2wordpress
skyphefile-galleryMatch1.6.5.3wordpress
skyphefile-galleryMatch1.6.5.4wordpress
skyphefile-galleryMatch1.6.5.5wordpress
skyphefile-galleryMatch1.6.5.6wordpress
skyphefile-galleryMatch1.6.6betawordpress
skyphefile-galleryMatch1.7-wordpress
skyphefile-galleryMatch1.7rc10wordpress
skyphefile-galleryMatch1.7rc11wordpress
skyphefile-galleryMatch1.7rc12wordpress
skyphefile-galleryMatch1.7rc13wordpress
skyphefile-galleryMatch1.7rc14wordpress
skyphefile-galleryMatch1.7rc3wordpress
skyphefile-galleryMatch1.7rc4wordpress
skyphefile-galleryMatch1.7rc5wordpress
skyphefile-galleryMatch1.7rc6wordpress
skyphefile-galleryMatch1.7rc7wordpress
skyphefile-galleryMatch1.7rc8wordpress
skyphefile-galleryMatch1.7rc9wordpress
skyphefile-galleryMatch1.7.1wordpress
skyphefile-galleryMatch1.7.2wordpress
skyphefile-galleryMatch1.7.3wordpress
skyphefile-galleryMatch1.7.4-wordpress
skyphefile-galleryMatch1.7.4rc2wordpress
skyphefile-galleryMatch1.7.4.1wordpress
skyphefile-galleryMatch1.7.5-wordpress
skyphefile-galleryMatch1.7.5beta1wordpress
skyphefile-galleryMatch1.7.5beta2wordpress
skyphefile-galleryMatch1.7.5.1wordpress
skyphefile-galleryMatch1.7.5.3wordpress
skyphefile-galleryMatch1.7.6wordpress
skyphefile-galleryMatch1.7.7wordpress
skyphefile-galleryMatch1.7.8wordpress
ParameterPositionPathDescriptionCWE
setting_fieldspath/wp-admin/options-media.phpRemote PHP code execution through unsafely escaped strings in File Gallery plugin options allowing code execution via create_function in options-media.phpCWE-94
create_function_usagepath/wp-admin/options-media.phpRemote PHP code execution through unsafely escaped strings in File Gallery plugin options allowing code execution via create_function in options-media.phpCWE-94

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 00:06Current
7.8High risk
Vulners AI Score7.8
CVSS 26.5
EPSS0.01746
38