ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Global Flash Gallery Plugin - Arbitrary File Upload

Product
Global Flash Gallery
Description
Global Flash Gallery plugin is prone to an arbitrary file upload vulnerability via "swfupload.php" that allows upload arbitrary files. This can result in arbitrary code execution within the context of the vulnerable application.
Solution
Upgrade the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0
Fixed In 1.1
Disclosure date
2014-01-18
Credits
Ashiyane Digital Security Team