SQL Injection Vulnerabilities in Powerplay Gallery Plugin 3.3 for WordPress

CVE-2015-5599 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.

Learn more about our Wordpress Pen Testing.