ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload

Product
Slideshow Gallery
Description
Slideshow Gallery plugin is prone to a sehll upload vulnerability. It allows an attacker to upload any PHP file remotely to the vulnerable website.
Solution
Upgrade the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE- 2014-5460
Versions
Affected In <= 1.4.6
Fixed In 1.4.7
Disclosure date
2014-09-01
Credits
Jesus Ramirez Pichardo