2 matches found
CVE-2024-3097
The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getitem function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data includi...
PT-2024-23696 · WordPress · Nextgen Gallery
Name of the Vulnerable Software and Affected Versions: NextGEN Gallery plugin for WordPress versions up to and including 3.59 Description: The issue allows unauthorized access to data due to a missing capability check on the get item function. This enables unauthenticated attackers to extract...