Nextgen Gallery Security Vulnerabilities and Issues — Nextgen Gallery CVE List

Lucene search

ImagelyNextgen Gallery

3 matches found

CVE•added 2019/08/27 4:15 p.m.•214 views

CVE-2019-14314

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package.module.nextgen_gal...

9.8CVSS9.9AI score0.32777EPSS

CVE•added 2017/09/12 8:29 a.m.•69 views

CVE-2015-9228

In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php.

9CVSS8.6AI score0.04862EPSS

CVE•added 2019/08/14 3:15 p.m.•55 views

CVE-2016-10889

The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name.

9.8CVSS9.8AI score0.00546EPSS