Unrestricted File Upload Vulnerability in Powerplay Gallery Plugin for WordPress
CVE-2015-5681

Currently unrated

Key Information:

Vendor

Wordpress
Status
Powerplay Gallery
Vendor
CVE Published:
18 August 2015

What is CVE-2015-5681?

The Powerplay Gallery plugin version 3.3 for WordPress is susceptible to an unrestricted file upload vulnerability. This flaw allows malicious actors to upload files with executable extensions. Once uploaded, these files can be accessed directly, potentially enabling attackers to execute arbitrary code on the server. This vulnerability raises significant security concerns for any site using this plugin, as it opens up pathways for unauthorized access and exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2015/07/20/1
mailing-listx_refsource_MLIST
http://www.vapid.dhs.org/advisory.php?v=132
x_refsource_MISC
http://seclists.org/fulldisclosure/2015/Jul/64
mailing-listx_refsource_FULLDISC

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.