WordPress Plugin Vulnerabilities

NextGEN Gallery < 2.1.79 - Unauthenticated SQL Injection

Description

According to the original source, one of the following conditions must be met for exploitation:

1. The use of a NextGEN Basic TagCloud gallery.
2. If users are able to submit posts to be reviewed (contributors).

Affects Plugins

Plugin icon
nextgen-gallery
Fixed in 2.1.79

References

URL
https://blog.sucuri.net/2017/02/sql-injection-vulnerability-nextgen-gallery-wordpress.html
URL
https://plugins.trac.wordpress.org/changeset/1602275/nextgen-gallery

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
8.4 (high)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
801329ba-5c6d-4a12-a9a5-225a3eac4f3f

Timeline

Publicly Published
2017-02-27 (about 6 years ago)
Added
2017-02-27 (about 6 years ago)
Last Updated
2021-02-08 (about 2 years ago)

Other

Published
Title
Published
2012-11-05
Title
Ajax Post Search <= 1.3 - SQL Injection
Published
2003-06-02
Title
WordPress 0.7 - SQL Injection
Published
2021-07-23
Title
Cashtomer <= 1.0.0 - Authenticated SQL Injection
Published
2021-11-18
Title
WP User Frontend < 3.5.25 - Admin+ SQL Injection
Published
2021-06-29
Title
Popup box < 2.3.4 - Authenticated Blind SQL Injections