3 matches found
WordPress NextGEN Gallery Plugin < 3.39 is vulnerable to Arbitrary File Deletion
Software NextGEN Gallery Type Plugin Vulnerable versions 3.39 Fixed in 3.39 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2023-3155 Patch priority Low CVSS severity Low 6.7 Developer Claim ownership PSID ce42760e71e9 Credits Linwz from DEVCORE Required...
CVE-2023-3155
The CVE-2023-3155 entry refers to the WordPress NextGEN Gallery Plugin (versions before 3.39) with an Arbitrary File Read/Delete vulnerability caused by missing input parameter validation in the gallery_edit function. The vulnerability could allow an attacker to access arbitrary resources on the ...
CVE-2023-3155 NextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and Delete
The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...