WordPress NextGEN Gallery 2.0.66.16 Cross Site Scripting

2015.12.17
Credit: Madhu Akula
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

Plugin Name : NextGEN Gallery Effected Version : 2.0.66.16 (and most probably lower version's if any) Vulnerability : A3-Cross-Site Scripting (XSS) Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Administrator PoC - (Proof of Concept) : http://localhost/wp-admin/admin.php?page=ngg_addgallery.php Click on Image upload and give the image name as ("><img src=x onerror=prompt(document.cookie)>.png") Video Demonstration : http://www.youtube.com/watch?v=SzNopJUE3nk Type of XSS : Stored Fixed in : 2.0.66.17 http://wordpress.org/plugins/nextgen-gallery/changelog/ Disclosure Timeline Vendor Contacted : 2014-08-02 Plugin Status : Updated on 2014-08-04 Public Disclosure : October 3, 2015 CVE Number : Not assigned yet Plugin Description : NextGEN Gallery is the most popular WordPress gallery plugin, and one of the most popular WordPress plugins of all time, with over 10 million downloads. It provides a powerful engine for uploading and managing galleries of images, with the ability to batch upload, import meta data, add/delete/rearrange/sort images, edit thumbnails, group galleries into albums, and more. It also provides two front-end display styles (slideshows and thumbnail galleries), both of which come with a wide array of options for controlling size, style, timing, transitions, controls, lightbox effects, and more.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top