CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 1CVE-2013-3684 – WordPress Gallery Plugin – NextGEN Gallery <= 1.9.12 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2013-3684
NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload El plugin NextGEN Gallery versiones anteriores a 1.9.13 para WordPress: carga del archivo ngggallery.php. The NextGEN Gallery WordPress plugin version 1.9.12 suffers from a remote shell upload vulnerability. • https://www.exploit-db.com/exploits/38585 https://exchange.xforce.ibmcloud.com/vulnerabilities/85011 https://exchange.xforce.ibmcloud.com/vulnerabilities/85012 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 39%CPEs: 2EXPL: 2CVE-2013-0291 – WordPress Gallery Plugin – NextGEN Gallery 1.9.10 - 1.9.11 - Full Path Disclosure
https://notcve.org/view.php?id=CVE-2013-0291
NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability NextGEN Gallery Plugin para WordPress, versiones 1.9.10 y 1.9.11, presenta una Vulnerabilidad de Divulgación de Ruta. NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability. • https://www.exploit-db.com/exploits/38314 http://www.openwall.com/lists/oss-security/2013/02/15/3 http://www.securityfocus.com/bid/57957 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •