Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2014-2558
HistoryMay 06, 2014 - 2:00 p.m.

CVE-2014-2558

2014-05-0614:00:00
mitre
www.cve.org
3

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

70.6%

JSON

The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a ' (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the create_function function.

Related

wpvulndb 1
prion 1
patchstack 1
cve 1
nvd 1
wpvulndb
wpvulndb
File Gallery 1.7.9 - Settings Page create_function Function Remote Comm& Execution
2014-08-01 10:59:14
prion
prion
Design/Logic Flaw
2014-05-06 14:55:00
patchstack
patchstack
WordPress File Gallery Plugin <= 1.7.9.1 - Arbitrary Code Execution
2014-03-19 00:00:00
cve
cve
CVE-2014-2558
2014-05-06 14:55:05
nvd
nvd
CVE-2014-2558
2014-05-06 14:55:05

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

70.6%

JSON
Related for CVELIST:CVE-2014-2558
wpvulndb1prion1patchstack1cve1nvd1