CVE-2015-2324
CVE-2015-2324 is a Cross-Site Scripting (XSS) vulnerability in the WordPress Photo Gallery plugin’s filemanager, affecting versions before 1.2.13. The issue permits remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors. Exploitation details...