Log out
Get PRO

Latest

Output validation vulnerability in WordPress Gallery Plugin – NextGEN Gallery 3.1.5

  • Severity: high-risk
  • Status: Fixed
  • Publication: February 4, 2019

The NextGen Gallery plugin for WordPress has a security vulnerability in versions 3.1.5 and earlier. If someone with malicious intent can access the plugin, they can use the “sortorder” parameter to execute code on the computer hosting the plugin. This could allow them to take control of the computer and gain access to whatever information is stored on it.

Detected in:

NextGEN Gallery – Create an Amazing Photo Gallery in Seconds fixed vulnerable versions:
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery fixed vulnerable versions:
WordPress Gallery Plugin – NextGEN Gallery fixed vulnerable versions: >= * <= 3.1.5

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.