Log out
Get PRO

Latest

Access violation vulnerability in WordPress Gallery Plugin – NextGEN Gallery 3.59

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 5, 2024

The NextGEN Gallery plugin for WordPress, which is used to create galleries on websites, has a security flaw that could allow unauthorized users to access sensitive information. This vulnerability affects all versions up to and including 3.59. Attackers who are not logged in could potentially view private data, such as EXIF and other metadata, from any images uploaded using the plugin.

Detected in:

NextGEN Gallery – Create an Amazing Photo Gallery in Seconds fixed vulnerable versions:
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery fixed vulnerable versions:
WordPress Gallery Plugin – NextGEN Gallery fixed vulnerable versions: >= * <= 3.59

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.