ThreatPress

WordPress Vulnerabilities Database

Back

WordPress NextGEN Gallery plugin <=2.2.46 - Gallery Paths Not Secured

Product
NextGEN Gallery
Description
Telefonica Cybersecurity Unit found an issue with insecure paths in WordPress NextGEN Gallery plugin (versions <=2.2.46).
Solution
Update the WordPress NextGEN Gallery plugin to the latest available version (at least 2.2.50).
Classification
Type Unknown
References
Plugin changelog
CVE
Name CVE-2018-7586
Versions
Affected In <=2.2.46
Fixed In 2.2.50
Disclosure date
2018-03-02
Credits
Telefonica Cybersecurity Unit
Submitter
ThreatPress