Nextgen-gallery WordPress Plugin

Nextgen-gallery Plugin Vulnerabilities

2019-08-27 Nextgen Gallery < 3.2.11 - SQL Injection fixed in version 3.2.11
2019-02-26 Freemius Library <= 2.2.3 - Authenticated Option Update fixed in version 3.1.7
2019-02-05 NextGen Gallery <= 3.1.5 - Authenticated PHP Object Injection fixed in version 3.1.6
2018-03-02 NextGEN Gallery <= 2.2.46 - Galley Paths Not Secured fixed in version 2.2.50
2018-02-14 NextGEN Gallery <= 2.2.44 - Cross-Site Scripting (XSS) fixed in version 2.2.45
2017-02-27 NextGEN Gallery <= 2.1.77 - Unauthenticated SQL Injection fixed in version 2.1.79
2016-11-15 NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion (LFI) & SQLi fixed in version 2.1.57
2015-12-23 Nextgen Gallery < 2.1.15 - Unrestricted File Upload fixed in version 2.1.15
2015-08-28 NextGEN Gallery <= 2.1.7 - Authenticated Path Traversal fixed in version 2.1.9
2015-03-25 NextGEN Gallery <= 2.0.77 - CSRF & Arbitrary File Upload fixed in version 2.0.77.3
2015-02-08 NextGEN Gallery 1.9.11 - Full Path Disclosure fixed in version 2.0.0
2015-02-08 NextGEN Gallery 1.9.5 - gallerypath Parameter Stored XSS fixed in version 2.0.0
2014-08-01 NextGEN Gallery <= 1.7.3 - xml/ajax.php Path Disclosure fixed in version 1.7.4
2014-08-01 NextGEN Gallery 2.0.0 - Directory Traversal fixed in version 2.0.7
2014-08-01 NextGEN Gallery - swfupload.swf Cross-Site Scripting (XSS) fixed in version 1.9.8
2014-08-01 NextGEN Gallery 1.9.12 - Arbitrary File Upload fixed in version 1.9.13
2014-08-01 NextGEN Gallery <= 1.9.0 - Multiple Cross-Site Scripting (XSS) fixed in version 1.9.1
2014-08-01 NextGEN Gallery <= 1.8.3 - XXS & CSRF fixed in version 1.8.4
2014-08-01 NextGEN Gallery <= 1.5.1 - Cross-Site Scripting (XSS) fixed in version 1.5.2
2014-05-20 NextGEN Gallery <= 2.0.63 - Arbitrary File Upload fixed in version 2.0.66