CVE-2012-1785
Video Embed & Thumbnail Generator < 2.0 - Remote Code Execution via kg_callffmpeg.php
Title source: llmDescription
kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73508
Patch x_refsource_confirm
http://plugins.trac.wordpress.org/changeset?old_path=%2Fvideo-embed-thumbnail-generator&old=507924&new_path=%2Fvideo-embed-thumbnail-generator&new=507924
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52180
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48087
Product x_refsource_confirm
http://wordpress.org/extend/plugins/video-embed-thumbnail-generator/changelog/
Scores
EPSS
0.0345
EPSS Percentile
87.6%
Details
CWE
CWE-20
Status
published
Products (9)
kylegilman/video_embed_\&_thumbnail_generator
0.2
kylegilman/video_embed_\&_thumbnail_generator
0.2.1
kylegilman/video_embed_\&_thumbnail_generator
1.0
kylegilman/video_embed_\&_thumbnail_generator
1.0.1
kylegilman/video_embed_\&_thumbnail_generator
1.0.2
kylegilman/video_embed_\&_thumbnail_generator
1.0.3
kylegilman/video_embed_\&_thumbnail_generator
1.0.4
kylegilman/video_embed_\&_thumbnail_generator
1.0.5
kylegilman/video_embed_\&_thumbnail_generator
< 1.1
Published
Mar 19, 2012
Tracked Since
Feb 18, 2026