WordPress RokIntroScroller plugin versions 1.8 and below suffer from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
51756b3d26e947a4e3e7bee9dc5b4b36ee6fcc6a1dfe1823c1e33467cf47748e