NextGen Gallery is a popular WordPress plugin designed to create highly responsive image galleries. It has been installed on over 800,000 WordPress websites. Two Cross-Site Request Forgery (CSRF) vulnerabilities were later discovered in the plugin by the Wordfence Threat Intelligence research team on December 14, 2020. The vulnerabilities included a critical-severity vulnerability that could lead to Remote Code Execution (RCE) and Stored Cross-Site Scripting (XSS). These flaws left websites running the plugin exposed to attackers. Successful exploitation could lead to site takeover, malicious redirects, spam injection, and phishing. The plugin’s publisher, Imagely, then released firewall rules to the patched version of NextGen Gallery to Wordfence Premium users first and later to sites running the free version.
Security Patches for Critical Vulnerabilities in NextGen Gallery Plugin
March 5, 2022 | Updated: August 12, 2022