WordPress Splashing Images plugin <=2.1 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. Possible remote injection of arbitrary web script or HTML via the search parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugin to the latest...

WordPress Splashing Images plugin <=2.1 - Authenticated PHP Object Injection vulnerability

Authenticated PHP Object Injection vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. PHP Object Injection attack via crafted serialized data in the 'session' HTTP GET parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugi...

WordPress Splashing Images Plugin PHP Object Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Splashing Images wp-splashing-images is used in one of the image selection plugin . A PHP object injection...