NextGen Gallery is a popular WordPress plugin designed to create highly responsive image galleries. It has been installed on over 800,000 WordPress websites. Two Cross-Site Request Forgery (CSRF) vulnerabilities were later identified in the plugin by the Wordfence Threat Intelligence research team on December 14, 2020. They included a critical-severity vulnerability that could lead to Remote Code Execution (RCE) and Stored Cross-Site Scripting (XSS). These flaws left websites running the plugin open to attack. Exploitation could lead to site takeover, malicious redirects, spam injection, and phishing. The plugin’s publisher, Imagely, then released firewall rules to the patched version of NextGen Gallery to Wordfence Premium users first and later to sites running the free version.
Security Patches for Critical Vulnerabilities in NextGen Gallery Plugin
March 5, 2022 | Updated: August 12, 2022