upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote malicious users to create arbitrary directories via vectors related to the targetDir variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
powerplay gallery project powerplay gallery 3.3 |