CVSS: 5.3EPSS: 6%CPEs: 1EXPL: 1CVE-2024-3097 – WordPress Gallery Plugin – NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure
https://notcve.org/view.php?id=CVE-2024-3097
05 Apr 2024 — The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_item function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data including EXIF and other metadata of any image uploaded through the plugin. El complemento WordPress Gallery Plugin – NextGEN Gallery para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de ... • https://github.com/Athos-Zago/CVE-2024-30973 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48328 – WordPress NextGEN Gallery Plugin <= 3.37 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-48328
23 Nov 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery allows Cross Site Request Forgery.This issue affects WordPress Gallery Plugin – NextGEN Gallery: from n/a through 3.37. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Imagely WordPress Gallery Plugin – NextGEN Gallery permite Cross-Site Request Forgery. Este problema afecta a WordPress Gallery Plugin – NextGEN Gallery: desde n/a hasta 3.37. The NextGEN Gallery plugin for WordPress is vulnerable to C... • https://patchstack.com/database/vulnerability/nextgen-gallery/wordpress-wordpress-gallery-plugin-nextgen-gallery-plugin-3-37-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3155 – NextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and Delete
https://notcve.org/view.php?id=CVE-2023-3155
25 Sep 2023 — The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the `gallery_edit` function, allowing an attacker to access arbitrary resources on the server. El complemento WordPress Gallery Plugin para WordPress anterior a 3.39 es vulnerable a la lectura y eliminación arbitraria de archivos debido a la falta de validación de parámetros de entrada en la función `gallery_edit`, lo que permite a un atacante acceder a rec... • https://wpscan.com/vulnerability/5c8473f4-4b52-430b-9140-b81b0a0901da • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3279 – NextGEN Gallery < 3.39 - Admin+ Local File Inclusion
https://notcve.org/view.php?id=CVE-2023-3279
25 Sep 2023 — The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks El complemento WordPress Gallery Plugin para WordPress anterior a 3.39 no valida algunos atributos de bloque antes de usarlos para generar rutas pasadas para incluir funciones, lo que permite a los usuarios administradores realizar ataques LFI The WordPress Gallery Plugin – NextGEN Gallery plugin for Wo... • https://wpscan.com/vulnerability/3b7a7070-8d61-4ff8-b003-b4ff06221635 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3154 – NextGEN Gallery < 3.39 - Admin+ PHAR Deserialization
https://notcve.org/view.php?id=CVE-2023-3154
25 Sep 2023 — The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization due to a lack of input parameter validation in the `gallery_edit` function, allowing an attacker to access arbitrary resources on the server. El complemento WordPress Gallery Plugin para WordPress anterior a 3.39 es vulnerable a PHAR Deserialization debido a la falta de validación de parámetros de entrada en la función `gallery_edit`, lo que permite a un atacante acceder a recursos arbitrarios en el servidor. The... • https://wpscan.com/vulnerability/ed099489-1db4-4b42-9f72-77de39c9e01e • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38468 – WordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-38468
14 Feb 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration. The NextGEN Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.28. This is due to missing or incorrect nonce validation on the 'ajax_set_post_thumbnail' and 'createNewThumb' functions. This makes it possible for unauthenticated attackers to create and set thumbnails on posts via a forged request granted... • https://patchstack.com/database/vulnerability/nextgen-gallery/wordpress-wordpress-gallery-plugin-nextgen-gallery-plugin-3-28-cross-site-request-forgery-csrf?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24293 – NextGEN Gallery Pro < 3.1.11 - Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24293
24 Feb 2021 — In the eCommerce module of the NextGEN Gallery Pro WordPress plugin before 3.1.11, there is an action to call get_cart_items via photocrati_ajax , after that the settings[shipping_address][name] is able to inject malicious javascript. En el módulo eCommerce del plugin NextGEN Gallery Pro WordPress versiones anteriores a 3.1.11, se presenta una acción para llamar a get_cart_items por medio de photocrati_ajax, después de eso, la settings[shipping_address][name] es capaz de inyectar javascript malicioso • https://wpscan.com/vulnerability/5e1a4725-3d20-44b0-8a35-bbf4263957f7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35943 – WordPress Gallery Plugin – NextGEN Gallery <= 3.4.7 - Cross-Site Request Forgery to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2020-35943
17 Dec 2020 — A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugin before 3.5.0 for WordPress allows File Upload. (It is possible to bypass CSRF protection by simply not including a nonce parameter.) Un problema de tipo Cross-Site Request Forgery (CSRF) en el plugin de NextGEN Gallery versiones anteriores a 3.5.0 para WordPress, permite la carga de archivos. (Es posible omitir la protección CSRF simplemente sin incluir un parámetro nonce) • https://www.wordfence.com/blog/2021/02/severe-vulnerabilities-patched-in-nextgen-gallery-affect-over-800000-wordpress-sites • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35942 – WordPress Gallery Plugin – NextGEN Gallery <= 3.4.7 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2020-35942
17 Dec 2020 — A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugin before 3.5.0 for WordPress allows File Upload and Local File Inclusion via settings modification, leading to Remote Code Execution and XSS. (It is possible to bypass CSRF protection by simply not including a nonce parameter.) Un problema de tipo Cross-Site Request Forgery (CSRF) en el plugin de NextGEN Gallery versiones anteriores a 3.5.0 para WordPress, permite la carga de archivos y la inclusión de archivos locales por medio de la mod... • https://www.wordfence.com/blog/2021/02/severe-vulnerabilities-patched-in-nextgen-gallery-affect-over-800000-wordpress-sites • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 32%CPEs: 1EXPL: 1CVE-2019-14314 – NextGEN Gallery <= 3.2.10 - SQL Injection
https://notcve.org/view.php?id=CVE-2019-14314
27 Aug 2019 — A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php. Existe una vulnerabilidad de inyección SQL en el complemento Imagely NextGEN Gallery anterior a la versión 3.2.11 para WordPress. La explotación con éxito de esta vulnerabilidad permitiría a un a... • https://github.com/imthoe/CVE-2019-14314 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •