WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities - Vulnerability Database

WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities

Critical
Reference: No Reference
Title: WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities
Overview:

WordPress Plugin 1 Flash Gallery is prone to an SQL injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials compromise the application access or modify data or exploit latent vulnerabilities in the underlying database. WordPress Plugin 1 Flash Gallery version 0.2.5 is vulnerable other versions may also be affected.