Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin wptf-image-gallery Arbitrary File Download - CVE-2015-1000007 - Vulnerability Database
WP Plugin Wptf Image Gallery

WordPress Plugin wptf-image-gallery Arbitrary File Download - CVE-2015-1000007

Medium
Reference: CVE-2015-1000007
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-1000007
Title: WordPress Plugin wptf-image-gallery Arbitrary File Download
Overview:

WordPress Plugin wptf-image-gallery is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information which may aid in launching further attacks. WordPress Plugin wptf-image-gallery version 1.0.3 is vulnerable prior versions may also be affected.