Lucene search

CVE-2020-35942

🗓️ 09 Feb 2021 18:44:15Reported by [email protected]Type

NextGEN Gallery plugin CSRF vulnerability allows Remote Code Execution and XSS

Reporter	Title	Published	Views	Family All 8
WPVulnDB	NextGen Gallery < 3.5.0 - CSRF allows File Upload, Stored XSS, and RCE	8 Feb 202100:00	–	wpvulndb
Cvelist	CVE-2020-35942	9 Feb 202117:49	–	cvelist
Patchstack	WordPress NextGen Gallery plugin <= 3.4.7 - Cross-Site Request Forgery (CSRF) leading to XSS and RCE via file upload and LFI	8 Feb 202100:00	–	patchstack
Prion	Cross site request forgery (csrf)	9 Feb 202118:15	–	prion
CNVD	WordPress NextGEN Gallery plugin cross-site request forgery vulnerability	24 Feb 202100:00	–	cnvd
CVE	CVE-2020-35942	9 Feb 202118:15	–	cve
ThreatPost	Critical WordPress Plugin Flaw Allows Site Takeover	8 Feb 202121:11	–	threatpost
OpenVAS	WordPress NextGEN Gallery Plugin < 3.5.0 Multiple Vulnerabilities	11 Feb 202100:00	–	openvas

Nvd

Node

imagely nextgen_galleryRange<3.5.0wordpress

Source	Link
wordfence	www.wordfence.com/blog/2021/02/severe-vulnerabilities-patched-in-nextgen-gallery-affect-over-800000-wordpress-sites/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Feb 2021 18:15Current

CVSS26.8

CVSS38.8

EPSS0.0094