Wordpress Multiple Third Party Plugins Multiple Vulnerabilities
Description
(#Several vulnerabilities have been identified in plugins for WordPress:#- csv2wpec-coupon : remote file upload due to bad sanitization of MIME type files sent by the user#- Postmatic : cross-site scripting (CVE-2015-5535)#- Easy Media Gallery : cross-site scripting#- Ultimate Addons for Visual Composer : denial of service#- Royal Slider : cross-site scripting due to bad sanitization of "rstype" parameter while creating or editing a slider##Proofs of concept are available.)
Vulnerable Products
Vulnerable Software: WordPress (WordPress) -
Solution
Version 1.3.50 of Easy Media Gallery plugin fixes the vulnerability impacting it.