Nextgen Gallery@* Security Vulnerabilities and Issues — Nextgen Gallery@* CVE List

Lucene search

ImagelyNextgen Gallery*

4 matches found

CVE•added 2019/08/27 4:15 p.m.•214 views

CVE-2019-14314

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package.module.nextgen_gal...

9.8CVSS9.9AI score0.32777EPSS

CVE•added 2019/11/26 3:15 p.m.•63 views

CVE-2015-9537

The NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_width, thumbnail_height, thumbwidth, thumbheight, wmXpos, and wmYpos, and template.

5.4CVSS5.4AI score0.00466EPSS

CVE•added 2019/11/26 3:15 p.m.•62 views

CVE-2015-9538

The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection.

6.5CVSS6.5AI score0.01477EPSS

CVE•added 2019/08/14 3:15 p.m.•55 views

CVE-2016-10889

The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name.

9.8CVSS9.8AI score0.00546EPSS