CVSS: 10.0EPSS: 40%CPEs: 1EXPL: 2CVE-2013-3684 – WordPress Gallery Plugin – NextGEN Gallery <= 1.9.12 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2013-3684
13 Jun 2013 — NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload El plugin NextGEN Gallery versiones anteriores a 1.9.13 para WordPress: carga del archivo ngggallery.php. The NextGEN Gallery WordPress plugin version 1.9.12 suffers from a remote shell upload vulnerability. • https://packetstorm.news/files/id/122021 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 30%CPEs: 2EXPL: 2CVE-2013-0291 – WordPress Gallery Plugin – NextGEN Gallery 1.9.10 - 1.9.11 - Full Path Disclosure
https://notcve.org/view.php?id=CVE-2013-0291
14 Feb 2013 — NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability NextGEN Gallery Plugin para WordPress, versiones 1.9.10 y 1.9.11, presenta una Vulnerabilidad de Divulgación de Ruta. NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability. • https://www.exploit-db.com/exploits/38314 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •