6 matches found
WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting
The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the album's name before outputting it in pages or posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting XSS attacks even when the unfiltered-html capabilit...
Gmedia Photo Gallery < 1.18.5 - Multiple Cross-Site Scripting (XSS)
Multiple XSS vulnerabilities were discovered in the Gmedia Gallery plugin version 1.18.0 WordPress plugin. These vulnerabilities were caused by improper validation of user input in the album, gallery, category and media upload module. The vulnerability types include both stored and reflected XSS...
WordPress Gmedia Gallery Plugin 1.2.1 - Shell Upload
Because of this vulnerability, any user could upload PHP files. Solution Update the plugin...
WordPress Gmedia Gallery Shell Upload
Gmedia Gallery plugin is prone to Shell Upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process...
Wordpress Gmedia Gallery 1.2.1 Shell Upload Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress Gmedia Gallery 1.2.1 Shell Upload Vulnerability Exploit Author : Claudio Viviani Vendor Homepage : http://www.codeasily.com/ Software Link : http://downloads.wordpress.org/plugin/grand-media.zip Date : 2014-08-01 Test...
WordPress Gmedia Gallery 1.2.1 Shell Upload
Exploit Title : Wordpress Gmedia Gallery 1.2.1 Shell Upload Vulnerability Exploit Author : Claudio Viviani Vendor Homepage : http://www.codeasily.com/ Software Link : http://downloads.wordpress.org/plugin/grand-media.zip Date : 2014-08-01 Tested on : Windows 7 / Mozilla Firefox Description : Any...