ThreatPress

WordPress Vulnerabilities Database

Back

WordPress NextGEN Gallery Plugin - Path Disclosure Vulnerability

Product
NextGEN Gallery
Description
This NextGEN Gallery plugin is prone to a path-disclosure vulnerability. It allows anr attacker to obtain sensitive information that may lead to further attacks.
Solution
Update the plugin.
Classification
Type Information Disclosure
OWASP Top 10 A6: Sensitive Data Exposure
References
Exploit-DB
CVE
Name CVE-2013-0291
Versions
Affected In <= 1.9.11
Fixed In 1.9.12
Disclosure date
2013-02-14
Credits
Henrique Montenegro