WordPress RokStories plugin version 1.25 suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities…. WordPress RokStories plugin version 1.25 suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.

Read more http://packetstormsecurity.com/files/123270/wprokstories-dosshelldisclose.txt