virus logo Intrusion Prevention

WordPress.Tinymce.Thumnail.Gallery.Plugin.File.Disclosure

description-logoDescription

This indicates an attack attempt against an Information Disclosure vulnerability in Tinymce Thumbnail Gallery Plugin for WordPress.
The vulnerability is due to insufficient input validation in the application when handling a crafted HTTP request. A remote attacker can exploit this to gain unauthorized access to sensitive information via a crafted HTTP request.

affected-products-logoAffected Products

Tinymce Thumbnail Gallery Plugin for WordPress 1.0.7 and prior

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://www.exploit-db.com/exploits/19022/
ID 38560
Created Jun 05, 2014
Updated Jun 25, 2014
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS All
Affected App Other