WordPress Plugin Vulnerabilities

Robo Gallery <= 2.0.14 - Remote Code Execution

Description

This is potentially a False Positive. Needs further investigation.

Affects Plugins

Plugin icon
robo-gallery
Fixed in 2.0.15

References

URL
http://www.vulnerability-lab.com/get_content.php?id=1822
URL
https://seclists.org/fulldisclosure/2016/Apr/41

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94

Miscellaneous

Submitter
firefart
Submitter website
https://firefart.at/
Submitter twitter
_FireFart_
Verified
No
WPVDB ID
789a8ea3-b37a-4a48-bbdd-73673e52c1ee

Timeline

Publicly Published
2016-04-12 (about 10 years ago)
Added
2016-04-12 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2026-03-20
Title
Kali Forms < 2.4.10 - Unauthenticated Remote Code Execution via form_process
Published
2025-04-25
Title
Create custom forms for WordPress with a smart form plugin for smart businesses <= 1.2.4 - Unauthenticated Arbitrary Shortcode Execution
Published
2020-05-07
Title
Elementor Pro < 2.9.4 - Authenticated Arbitrary File Upload
Published
2025-08-02
Title
Doctreat < 1.6.8 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
Published
2025-09-26
Title
XStore < 9.6 - Unauthenticated Arbitrary Shortcode Execution