Log out
Get PRO

Latest

Input validation vulnerability in WordPress Gallery Plugin – NextGEN Gallery 3.38

  • Severity: high-risk
  • Status: Fixed
  • Publication: September 25, 2023

The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is a vulnerable piece of software. All versions up to, and including, 3.38 have a security issue that allows attackers with administrative-level access or higher to inject a malicious code. This code can be used to delete files, access sensitive data, or execute instructions. There is no protection in place on the vulnerable plugin itself, and if another plugin or theme is installed on the target system, the malicious code could become more powerful.

Detected in:

NextGEN Gallery – Create an Amazing Photo Gallery in Seconds fixed vulnerable versions:
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery fixed vulnerable versions:
WordPress Gallery Plugin – NextGEN Gallery fixed vulnerable versions: >= * <= 3.38

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.