PT-2015-7561 · WordPress · Cool Video Gallery

Larry W. Cashdollar +1 · Published 2015-12-17 · Updated 2018-10-09 · CVE-2015-7527

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Cool Video Gallery plugin version 1.9

Description: The issue allows remote attackers to execute arbitrary code via shell metacharacters in the "Width of preview image" field, and possibly other input fields, on the "Video Gallery Settings" page. This is due to a vulnerability in the lib/core.php file of the Cool Video Gallery plugin.

Recommendations: For Cool Video Gallery plugin version 1.9, consider disabling the plugin until a patch is available to prevent exploitation. Restrict access to the "Video Gallery Settings" page to minimize the risk of arbitrary code execution. Avoid using shell metacharacters in input fields, such as "Width of preview image", until the issue is resolved.

Exploit

Fix

RCE

Weakness Enumeration

Related identifiers

CVE-2015-7527

Affected products

Cool Video Gallery