CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35942 – WordPress Gallery Plugin – NextGEN Gallery <= 3.4.7 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2020-35942
A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugin before 3.5.0 for WordPress allows File Upload and Local File Inclusion via settings modification, leading to Remote Code Execution and XSS. (It is possible to bypass CSRF protection by simply not including a nonce parameter.) Un problema de tipo Cross-Site Request Forgery (CSRF) en el plugin de NextGEN Gallery versiones anteriores a 3.5.0 para WordPress, permite la carga de archivos y la inclusión de archivos locales por medio de la modificación de la configuración, conllevando a una ejecución de código remota y un ataque de tipo XSS. (Es posible omitir la protección CSRF simplemente sin incluir un parámetro nonce) • https://www.wordfence.com/blog/2021/02/severe-vulnerabilities-patched-in-nextgen-gallery-affect-over-800000-wordpress-sites • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14314 – NextGEN Gallery <= 3.2.10 - SQL Injection
https://notcve.org/view.php?id=CVE-2019-14314
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php. Existe una vulnerabilidad de inyección SQL en el complemento Imagely NextGEN Gallery anterior a la versión 3.2.11 para WordPress. La explotación con éxito de esta vulnerabilidad permitiría a un atacante remoto ejecutar comandos SQL arbitrarios en el sistema afectado a través de modules / nextgen_gallery_display / package.module.nextgen_gallery_display.php. • https://github.com/imthoe/CVE-2019-14314 https://de.wordpress.org/plugins/nextgen-gallery/#developers https://wordpress.org/plugins/nextgen-gallery/#developers https://wpvulndb.com/vulnerabilities/9816 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7586 – WordPress Gallery Plugin – NextGEN Gallery <= 2.2.46 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2018-7586
In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. En el plugin nextgen-gallery en versiones anteriores a la 2.2.50 para WordPress, las rutas de galería no son seguras. • https://wordpress.org/plugins/nextgen-gallery/#developers https://wpvulndb.com/vulnerabilities/9033 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000172 – NextGEN Gallery <= 2.2.44 - Cross-Site Scripting via image alt and title text
https://notcve.org/view.php?id=CVE-2018-1000172
Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting (XSS) vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45. Imagely NextGEN Gallery, en versiones 2.2.30 y anteriores, contiene una vulnerabilidad de Cross Site Scripting (XSS) en Image Alt Title Text. El ataque parece ser explotable si una víctima visualiza la imagen en la página de administrador. • https://fortiguard.com/zeroday/FG-VD-17-215 https://wordpress.org/plugins/nextgen-gallery/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10889 – NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion & SQL injection
https://notcve.org/view.php?id=CVE-2016-10889
The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name. El plugin nextgen-gallery versiones anteriores a 2.1.57 para WordPress, presenta una inyección SQL por medio de un nombre de galería. • https://wordpress.org/plugins/nextgen-gallery/#developers • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •