WordPress Plugin Vulnerabilities

Powerplay Gallery - Arbitrary File Upload & SQL Injection

Description

The wp-powerplaygallery WordPress plugin was affected by an Arbitrary File Upload & SQL Injection security vulnerability.

Affects Plugins

Plugin icon
wp-powerplaygallery
No known fix

References

CVE
CVE-2015-5682
CVE
CVE-2015-5599
CVE
CVE-2015-5681
URL
https://packetstormsecurity.com/files/#132671/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
26343af5-435a-48c3-bc7a-2fd68f979813

Timeline

Publicly Published
2015-07-01 (about 10 years ago)
Added
2015-07-01 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2015-10-15
Title
Events Made Easy < 1.5.50 - Multi CSRF to Stored Cross-Site Scripting & Event Deletion
Published
2018-12-04
Title
Arigato Autoresponder and Newsletter < 2.5.2 - Authenticated Blind SQL Injection & Multiple XSS
Published
2014-10-01
Title
Refraction Theme Multiple Vulnerabilities (XSS, FPD)
Published
2019-07-23
Title
WPS Limit Login <= 1.4.5 - Multiple Issues
Published
2019-03-26
Title
article2pdf - Multiple Vulnerabilities