Log out
Get PRO

Latest

Input validation vulnerability in WordPress Gallery Plugin – NextGEN Gallery 1.5.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 6, 2010

The NextGEN Gallery plugin for WordPress had an issue with its xml/media-rss.php file that allowed people from across the internet to add malicious code to it. This code could have been in the form of web scripts or HTML and was able to be added through the mode parameter. This issue was fixed in version 1.5.2 of the plugin.

Detected in:

NextGEN Gallery – Create an Amazing Photo Gallery in Seconds fixed vulnerable versions:
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery fixed vulnerable versions:
WordPress Gallery Plugin – NextGEN Gallery fixed vulnerable versions: >= * < 1.5.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)

Wordpress Linkedin Github

Get Started

About

Popular articles