This post was originally published on this site

Description:

$_GET['vid'] is not escaped.

google_adsense() is accessible for everyone.

File: contus-video-galleryhdflvvideoshare.php

[crayon-599bbe85e0b39645063115/]

The post WordPress Video Gallery 2.7 SQL Injection appeared first on WP Security Bloggers.

Share This