WordPress NextGEN Gallery Plugin < 3.59.5 is vulnerable to Cross Site Scripting (XSS)

Software NextGEN Gallery Type Plugin Vulnerable versions 3.59.5 Fixed in 3.59.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6393 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0e6857ff3928 Credits WPscan Required privileg...

WordPress NextGEN Gallery Plugin <= 3.3.6 is vulnerable to Cross Site Scripting (XSS)

Software NextGEN Gallery Type Plugin Vulnerable versions = 3.3.6 Fixed in 3.4.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 1895dd78f517 Credits Rafie Muhammad Patchstack Required...

CVE-2015-9538

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wpnextgengalleyfileread.rb 2024-02-28 10:41:08+00:00| seen| https://t.me/ctinow/195303 2025-10-23 21:12:58+00:00| seen|...

WordPress NextGEN Gallery 2.0.63 Shell Upload Vulnerability

WordPress NextGEN Gallery plugin version 2.0.63 suffers from a remote shell upload vulnerability. Exploit Title: Wordpress NextGEN Gallery Plugin 2.0.63 Arbitrary File Upload Author: SANTHO @s4n7h0 Vendor Homepage: http://wordpress.org/plugins/nextgen-gallery/ Category: WebApp / CMS / Wordpress...