Critical SQL Injection Vulnerability Found in NextGEN Gallery WordPress Plugin

The vulnerability can lead to attackers grabbing data from website database or user sensitive information


                                      NextGEN Gallery for WordPress needs immediate update


Feb 27, 2017 22:49 GMT  ·  By Gabriela Vatu

A new SQL Injection vulnerability was discovered in the NextGen Gallery plugin for WordPress, allowing users to grab data from the victim’s website database, which may very well include sensitive user information. 


The discovery was made by researchers from Sucuri who were working on discovering vulnerabilities for the Sucuri Firewall. For this project, they’ve been auditing multiple open source project looking for security issues, before stumbling upon NextGen Gallery, which is one of the most used gallery plugins on WordPress, with over 16.5 million downloads.


Full Article

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico