RSS   Vulnerabilities for 'Nextgen gallery'   RSS

2010-04-07
 
CVE-2010-1186

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter.

 
2009-09-08
 
CVE-2008-7175

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.

 


Copyright 2024, cxsecurity.com

 

Back to Top