WordPress Plugin: nextgen-gallery

Vulnerabilities

2016-11-16 NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion (LFI) fixed in version 2.1.57
2015-08-28 NextGEN Gallery <= 2.1.7 - Authenticated Path Traversal fixed in version 2.1.9
2015-03-25 NextGEN Gallery <= 2.0.77 - CSRF & Arbitrary File Upload fixed in version 2.0.77.3
2014-08-01 NextGEN Gallery <= 1.7.3 - xml/ajax.php Path Disclosure fixed in version 1.7.4
2014-08-01 NextGEN Gallery <= 1.5.1 - Cross-Site Scripting (XSS) fixed in version 1.5.2
2014-08-01 NextGEN Gallery <= 2.0.63 - Arbitrary File Upload fixed in version 2.0.66
2014-08-01 NextGEN Gallery 2.0.0 - Directory Traversal fixed in version 2.0.7
2014-08-01 NextGEN Gallery - swfupload.swf Cross-Site Scripting (XSS) fixed in version 1.9.8
2014-08-01 NextGEN Gallery 1.9.12 - Arbitrary File Upload fixed in version 1.9.13
2014-08-01 NextGEN Gallery 1.9.11 - Full Path Disclosure fixed in version 2.0.0
2014-08-01 NextGEN Gallery 1.9.5 - gallerypath Parameter Stored XSS fixed in version 2.0.0
2014-08-01 NextGEN Gallery <= 1.9.0 - Multiple Cross-Site Scripting (XSS) fixed in version 1.9.1
2014-08-01 NextGEN Gallery <= 1.8.3 - XXS & CSRF fixed in version 1.8.4