ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Flickr Gallery plugin <=1.5.2 - Unauthenticated PHP Object Injection vulnerability

Product
Flickr Gallery
Description
Unauthenticated PHP Object Injection vulnerability found by Matt Barry (WordFence) in WordPress Appointments plugin (versions <=1.5.2).
Solution
Update the WordPress Flickr Gallery plugin to the latest available version (at least 1.5.3).
Classification
Type Remote File Inclusion
References
Plugin homepage
CVE
Name CVE-N/A
Versions
Affected In <=1.5.2
Fixed In 1.5.3
Disclosure date
2017-10-03
Credits
Matt Barry (WordFence)
Submitter
ThreatPress