Is "NextGEN Gallery" safe?
WordPress Plugin security and safety information.
Rating: Good (current version safe)
Recommendations
NextGEN Gallery: Plugin Details
| Type: | Plugin |
| Author: | Photocrati Media |
| URL: | https://wordpress.org/plugins/nextgen-gallery |
| Latest Version: | 3.1.7 |
NextGEN Gallery: Security Information
| Insecure versions: | Up To 3.1.6 |
| Known since: | 2019-03-04 03:17:20 |
| Description: | Vulnerablility in Fremius Library <= 2.2.3 |
| Insecure versions: | Up To 3.1.5 |
| Known since: | 2019-02-06 18:05:25 |
| Insecure versions: | Up To 2.2.44 |
| Known since: | 2018-05-04 15:42:44 |
| Insecure versions: | Up To 2.2.46 |
| Known since: | 2018-03-05 05:36:53 |
| Insecure versions: | Up To 2.1.77 |
| Known since: | 2017-03-06 04:08:39 |
| Insecure versions: | Up To 2.1.56 |
| Known since: | 2016-11-30 19:37:44 |
| Insecure versions: | Up To 1.5.1 |
| Known since: | 2015-11-25 04:38:38 |
| Insecure versions: | Up To 2.1.7 |
| Known since: | 2015-09-07 07:53:33 |
| Description: | Prior to version 2.1.9, there is a vulnerability which allows a user of your site to view any files on the server. |
| Description: | NextGEN Gallery <= 2.1.7 - Authenticated Path Traversal |
| Insecure versions: | Up To 1.5.1 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery <= 1.5.1 - xml/media-rss.php mode Parameter XSS |
| More Information: | |
| Insecure versions: | Up To 1.7.3 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery <= 1.7.3 - xml/ajax.php Path Disclosure |
| Insecure versions: | Up To 1.8.3 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery <= 1.8.3 - Tag Deletion CSRF |
| Insecure versions: | Up To 1.8.3 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery <= 1.8.3 - wp-admin/admin.php search Parameter XSS |
| Insecure versions: | Up To 1.9.0 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery <= 1.9.0 - admin/manage.php Multiple Parameter XSS |
| Insecure versions: | Up To 1.9.0 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery <= 1.9.0 - admin/manage-images.php paged Parameter XSS |
| Insecure versions: | Up To 1.9.0 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery <= 1.9.0 - admin/manage-galleries.php paged Parameter XSS |
| Insecure versions: | Up To 1.9.5 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery 1.9.5 - gallerypath Parameter Stored XSS |
| Insecure versions: | Up To 1.9.11 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery 1.9.11 - xml/json.php Crafted Request Parsing Path Disclosure |
| More Information: | |
| Insecure versions: | Up To 1.9.12 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery 1.9.12 - Arbitrary File Upload |
| More Information: | |
| More Information: | |
| Insecure versions: | Up To 1.9.12 |
| Known since: | 2014-03-18 20:05:54 |
| Description: | NextGEN Gallery 1.9.12 - Arbitrary File Upload |
| More Information: | |
| More Information: | |
NextGEN Gallery: Safety Recommendations
We have rated NextGEN Gallery as Good (current version safe) which means that we have found vulnerabilities in older versions.
We recommend that you only use the latest version of NextGEN Gallery.
NextGEN Gallery: Staying Up-to-date
Make sure your installation of NextGEN Gallery is safe with the following free Jetpack services for WordPress sites:
- Updates & Management
Turn on auto-updates for NextGEN Gallery or manage in bulk. - Prevent Infiltrations
Automatic protection against brute force attacks and secure sign on.
NextGEN Gallery: Keeping Safe
If you're running a business, ecommerce, news, or other critical website, Jetpack also provides additional indispensable services:
- Automated Backups
Full backup of your entire site with unlimited storage space. - Restores & Migrations
Restore or migrate your site from a backup with one click. - Security Scanning
Regular, automated scans of your site for malware, threats, and hacks. - Expert Support
Fast, priority support for any WordPress security issue.
About this information
This WordPress security information is part of our security library and is brought to you by Jetpack as part of our committment to a safer WordPress experience.
If you have any questions, please do not hesitate to contact us.
