WordPress Plugin: nextgen-gallery

Vulnerabilities

2018-05-03 NextGEN Gallery <= 2.2.44 - Cross-Site Scripting (XSS) fixed in version 2.2.45
2018-03-02 NextGEN Gallery <= 2.2.46 - Galley Paths Not Secured fixed in version 2.2.50
2017-02-27 NextGEN Gallery <= 2.1.77 - Unauthenticated SQL Injection fixed in version 2.1.79
2016-11-16 NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion (LFI) fixed in version 2.1.57
2015-08-28 NextGEN Gallery <= 2.1.7 - Authenticated Path Traversal fixed in version 2.1.9
2015-03-25 NextGEN Gallery <= 2.0.77 - CSRF & Arbitrary File Upload fixed in version 2.0.77.3
2014-08-01 NextGEN Gallery <= 1.7.3 - xml/ajax.php Path Disclosure fixed in version 1.7.4
2014-08-01 NextGEN Gallery <= 1.5.1 - Cross-Site Scripting (XSS) fixed in version 1.5.2
2014-08-01 NextGEN Gallery <= 2.0.63 - Arbitrary File Upload fixed in version 2.0.66
2014-08-01 NextGEN Gallery 2.0.0 - Directory Traversal fixed in version 2.0.7
2014-08-01 NextGEN Gallery - swfupload.swf Cross-Site Scripting (XSS) fixed in version 1.9.8
2014-08-01 NextGEN Gallery 1.9.12 - Arbitrary File Upload fixed in version 1.9.13
2014-08-01 NextGEN Gallery 1.9.11 - Full Path Disclosure fixed in version 2.0.0
2014-08-01 NextGEN Gallery 1.9.5 - gallerypath Parameter Stored XSS fixed in version 2.0.0
2014-08-01 NextGEN Gallery <= 1.9.0 - Multiple Cross-Site Scripting (XSS) fixed in version 1.9.1
2014-08-01 NextGEN Gallery <= 1.8.3 - XXS & CSRF fixed in version 1.8.4