2022-12-19 13:41:37
WPScan
PUBLISHED
The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHPs extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers.