Unrated severityNVD Advisory· Published Dec 17, 2015· Updated Jun 17, 2026
CVE-2015-7527
CVE-2015-7527
Description
lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows remote attackers to execute arbitrary code via shell metacharacters in the "Width of preview image" and possibly other input fields in the "Video Gallery Settings" page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:cool_video_gallery_project:cool_video_gallery:1.9:*:*:*:*:wordpress:*:*
- Range: = 1.9
Patches
Vulnerability mechanics
References
6- packetstormsecurity.com/files/134626/WordPress-Cool-Video-Gallery-1.9-Command-Injection.htmlnvdExploit
- www.openwall.com/lists/oss-security/2015/12/02/9nvdExploit
- www.vapidlabs.com/advisory.phpnvdExploit
- wordpress.org/support/topic/command-injection-vulnerability-in-v19nvdExploit
- www.securityfocus.com/archive/1/537051/100/0/threadednvd
- wpvulndb.com/vulnerabilities/8348nvd
News mentions
0No linked articles in our index yet.