Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7586 | 1 Imagely | 1 Nextgen Gallery | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. | |||||
| CVE-2015-9228 | 1 Imagely | 1 Nextgen Gallery | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php. | |||||
| CVE-2015-9229 | 1 Imagely | 1 Nextgen Gallery | 2024-02-28 | 3.5 LOW | 4.8 MEDIUM |
| In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter. | |||||