CVE-2015-7527

Cool Video Gallery 1.9 - Remote Code Execution via Shell Metacharacters in Video Gallery Settings

Title source: llm
STIX 2.1

Description

lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows remote attackers to execute arbitrary code via shell metacharacters in the "Width of preview image" and possibly other input fields in the "Video Gallery Settings" page.

References (6)

Core 6

Scores

EPSS 0.0523
EPSS Percentile 91.5%

Details

CWE
CWE-20
Status published
Products (1)
cool_video_gallery_project/cool_video_gallery 1.9
Published Dec 17, 2015
Tracked Since Feb 18, 2026