Filtered by vendor Dancoulter
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-20207 | 3 Dan Coulter, Dancoulter, Wordpress | 3 Flickr Gallery, Flickr Gallery, Wordpress | 2026-01-05 | 9.8 Critical |
| The Flickr Gallery plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.5.2 via deserialization of untrusted input from the `pager ` parameter. This allows unauthenticated attackers to inject a PHP Object. Attackers were actively exploiting this vulnerability with the WP_Theme() class to create backdoors. | ||||
Page 1 of 1.