Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3

Posted by Larry W. Cashdollar on Jul 13

Title: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-27
Download Site: https://wordpress.org/plugins/wp-powerplaygallery
Vendor: WP SlideShow
Vendor Notified: 2015-06-29
Advisory: http://www.vapid.dhs.org/advisory.php?v=132
Vendor Contact: plugins () wordpress org
Description: This is the best gallery for touch screens. It is fully touch enabled with…

Leave a Reply