The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
infoway social photo gallery 1.0 |