WordPress Plugin Vulnerabilities

Reflex Gallery <= 3.1.3 - Arbitrary File Upload

Description

The ReFlex Gallery » WordPress Photo Gallery WordPress plugin was affected by an Arbitrary File Upload security vulnerability.

Affects Plugins

Plugin icon
reflex-gallery
Fixed in 3.1.4

References

CVE
CVE-2015-4133
Exploitdb
36374
URL
exploit/unix/webapp/wp_reflexgallery_file_upload
URL
https://packetstormsecurity.com/files/#130845/
URL
https://packetstormsecurity.com/files/#131515/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
Yes
WPVDB ID
c2496b8b-72e4-4e63-9d78-33ada3f1c674

Timeline

Publicly Published
2015-03-16 (about 11 years ago)
Added
2015-03-29 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-10-14
Title
Azz Anonim Posting <= 0.9 - Unauthenticated Arbitrary File Upload
Published
2021-04-11
Title
College Publisher Import <= 0.1 - Arbitrary File Upload to RCE
Published
2014-08-01
Title
Category Grid View Gallery 0.1.1 - Shell Upload
Published
2023-12-16
Title
EditorsKit < 1.40.4 - Authenticated (Administrator+) Arbitrary File Upload
Published
2021-06-29
Title
Super Progressive Web Apps < 2.1.12 - Authenticated (Low Privileged) Arbitrary File Upload to RCE