The Grand Flagallery plugin prior to 4.25 for WordPress allows remote malicious users to obtain the installation path via a request to (1) flagallery-skins/banner_widget_default/gallery.php or (2) flash-album-gallery/skins/banner_widget_default/gallery.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
codeasily grand flagallery |