4 matches found
EUVD-2014-2370
Malware in sbrugna...
WordPress Lazyest Gallery Plugin <= 0.10.4.3 - Content Manipulation
This plugin is prone to multiple file/directory insecure permissions local content manipulation. Solution Update the plugin...
CVE-2014-2333
Cross-site scripting XSS vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information...
CVE-2014-2333
CVE-2014-2333 affects the WordPress plugin Lazyest Gallery (pre-1.1.21). The vulnerability is a stored/reflected XSS via an EXIF tag in the image handling code, enabling remote attackers to inject arbitrary script or HTML. Public details come from NVD/NVD-related feeds and WPVulnDB entries; explo...