Reflex Gallery Project Reflex Gallery vulnerabilities
2 known vulnerabilities affecting reflex_gallery_project/reflex_gallery.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2015-4133P2HIGHCVSS 7.5PoC≤ 3.1.32015-05-28
CVE-2015-4133 [HIGH] CVE-2015-4133: Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery p
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory.
nvd
CVE-2013-7482P4MEDIUMCVSS 6.1fixed in 1.4.32019-08-22
CVE-2013-7482 [MEDIUM] CWE-79 CVE-2013-7482: The reflex-gallery plugin before 1.4.3 for WordPress has XSS.
The reflex-gallery plugin before 1.4.3 for WordPress has XSS.
nvd