42 matches found
CVE-2022-38468 WordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin = 3.28 leading to thumbnail alteration...
CVE-2022-38468
CVE-2022-38468 : A CSRF vulnerability in the Imagely WordPress Gallery Plugin – NextGEN Gallery (versions
PT-2023-13608 · Imagely · Imagely Wordpress Gallery Plugin - Nextgen Gallery
Name of the Vulnerable Software and Affected Versions: Imagely WordPress Gallery Plugin - NextGEN Gallery versions prior to 3.29 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which can lead to thumbnail alteration. Recommendations: For versions prior to 3.2...
Exploit for SQL Injection in Imagely Nextgen_Gallery
CVE-2019-14314 CVE-2019-14314 - NextGEN Gallery 3.2.10 Authent...
WordPress Imagely NextGEN Gallery Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Imagely NextGEN Gallery is an image gallery plugin used in it. A SQL injection vulnerability exists in WordPress Imagely NextGEN Galler...
CVE-2019-14314
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...
CVE-2019-14314
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...
Sql injection
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...
CVE-2019-14314
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...
CVE-2019-14314
The CVE-2019-14314 issue affects the Imagely NextGEN Gallery WordPress plugin prior to 3.2.11. The root cause is a SQL injection in modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php, allowing a remote attacker to execute arbitrary SQL commands and potentially compromise d...
CVE-2019-14314
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...
CVE-2016-6565
The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...
CVE-2016-6565
The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...
Code injection
The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...
CVE-2016-6565
The CVE-2016-6565 issue affects the WordPress Imagely NextGEN Gallery plugin prior to version 2.1.57. The vulnerability arises from improper validation of the cssfile parameter in an HTTP POST request, which can allow an authenticated user to read arbitrary files on the server or, in some server ...
CVE-2016-6565 The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 may execute code from an uploaded malicious file
The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...
WordPress Imagely NextGEN Gallery Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Imagely NextGen Gallery is one of the gallery management systems. A cross-site scripting vulnerability exists in Image Alt &...
CVE-2018-1000172
Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting XSS vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45...
Cross site scripting
Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting XSS vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45...
CVE-2018-1000172
Imagely NextGEN Gallery (WordPress plugin) ≤ 2.2.44 contains a Cross-Site Scripting (XSS) in Image Alt & Title Text. The issue could be triggered when a user views an image on an administrator page, with the root cause stemming from improper validation of user-submitted data in the alt/title attr...