<?xml version="1.0" encoding="utf-8"?> <params> <param> <value> <struct> <member> <name>VERSION</name> <value> <string>1.0</string> </value> </member> <member> <name>UPDATED</name> <value> <string>2015-06-27</string> </value> </member> <member> <name>SERIAL</name> <value> <string>1</string> </value> </member> <member> <name>DWF</name> <value> <struct> <member> <name>CVE_ID</name> <value> <string>CVE-2015-5599 2015-5681 2015-5682</string> </value> </member> <member> <name>DESCRIPTION</name> <value> <string>Remote file upload vulnerability & Blind SQLi in wordpress plugin wp-powerplaygallery v3.3</string> </value> </member> <member> <name>CREDIT</name> <value> <string>Larry W. Cashdollar @_larry0</string> </value> </member> <member> <name>SOURCES</name> <value> <array> <data> <value> <struct> <member> <name>URL</name> <value> <array> <data> <value> <string>https://wordpress.org/plugins/wp-powerplaygallery</string> </value> </data> </array> </value> </member> <member> <name>LOCALNAME</name> <value> <string>Product Home Page</string> </value> </member> </struct> </value> <value> <struct> <member> <name>URL</name> <value> <array> <data> <value> <string>http://www.vapidlabs.com/advisory.php?v=132</string> </value> </data> </array> </value> </member> <member> <name>LOCALNAME</name> <value> <string>Researcher Advisory</string> </value> </member> </struct> </value> </data> </array> </value> </member> </struct> </value> </member> </struct> </value> </param> </params>