Tribulant: Security Vulnerabilities
The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-03
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/.
CVSS Score
6.5
EPSS Score
0.647
Published
2014-09-11
Page 3