2 matches found
CVE-2013-3684
NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload...
CVE-2024-10545 NextGEN Gallery < 3.59.9 - Admin+ Stored XSS
The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.9 does not sanitise and escape some of its Image settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...