Vulnerabilities > Tinywebgallery > Wordpress Flash Uploader > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-25 | CVE-2014-5014 | Command Injection vulnerability in Tinywebgallery Wordpress Flash Uploader The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in image_magic_path. | 7.5 |