EIP-2026-114168
PRE-CVEWordPress Plugin Video Gallery 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-114168. PoCs published by Divya.
AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in the WordPress Video Gallery Plugin (version 2.8) that allows unauthorized file uploads via a crafted POST request to admin-ajax.php. The PoC uses JavaScript to send a multipart/form-data request, bypassing CSRF protections.
Description
WordPress Plugin Video Gallery 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities
Exploits (1)
This exploit demonstrates a CSRF vulnerability in the WordPress Video Gallery Plugin (version 2.8) that allows unauthorized file uploads via a crafted POST request to admin-ajax.php. The PoC uses JavaScript to send a multipart/form-data request, bypassing CSRF protections.