cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3097,https://securityvulnerability.io/vulnerability/CVE-2024-3097,Unauthorized Data Access Vulnerability in NextGEN Gallery Plugin for WordPress,"The NextGEN Gallery plugin for WordPress is susceptible to unauthorized access, allowing attackers to bypass security measures due to a missing capability check in the get_item function. This vulnerability enables unauthenticated users to extract sensitive image metadata, including EXIF data, from any images uploaded via the plugin. The issue affects versions up to and including 3.59, posing a significant risk to site owners who need to protect their media data. Immediate action is recommended for users of the affected versions.",Wordpress,WordPress Gallery Plugin – Nextgen Gallery,5.3,MEDIUM,0.061469998210668564,false,,false,false,false,,false,false,2024-04-09T18:58:58.660Z,0
CVE-2023-48328,https://securityvulnerability.io/vulnerability/CVE-2023-48328,WordPress NextGEN Gallery Plugin <= 3.37 is vulnerable to Cross Site Request Forgery (CSRF),"A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Imagely WordPress Gallery Plugin – NextGEN Gallery. This vulnerability allows attackers to execute unauthorized actions on behalf of authenticated users without their consent. This issue affects all versions up to 3.37, posing significant risks to website security and integrity. Website administrators are urged to implement protective measures and update to the latest version to mitigate potential threats.",Wordpress,WordPress Gallery Plugin – NextGEN Gallery,8.8,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,2023-11-30T16:15:00.000Z,0
CVE-2022-38468,https://securityvulnerability.io/vulnerability/CVE-2022-38468,WordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF),Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration.,Wordpress,WordPress Gallery Plugin – Nextgen Gallery,4.3,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2023-03-01T13:02:01.753Z,0
CVE-2013-0291,https://securityvulnerability.io/vulnerability/CVE-2013-0291,,NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability,Wordpress,Nextgen Gallery Plugin,7.5,HIGH,0.3820199966430664,false,,false,false,false,,false,false,2020-01-30T13:00:16.000Z,0
CVE-2016-6565,https://securityvulnerability.io/vulnerability/CVE-2016-6565,The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 may execute code from an uploaded malicious file,"The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration).",Wordpress,Nextgen Gallery Plugin,7.5,HIGH,0.0042500002309679985,false,,false,false,false,,false,false,2018-07-13T20:00:00.000Z,0