Filtered by vendor Reflex Gallery Project Subscriptions
Filtered by product Reflex Gallery Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-4133 1 Reflex Gallery Project 1 Reflex Gallery 2024-11-21 N/A
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory.
CVE-2013-7482 1 Reflex Gallery Project 1 Reflex Gallery 2024-11-21 N/A
The reflex-gallery plugin before 1.4.3 for WordPress has XSS.