CVE-2015-1785

CVE-2015-1785

Vendor N/A
Product nextgen-gallery
Weakness CWE-434 · Unrestricted file upload
Published July 7, 2022
Last update August 6, 2024

CVSS base score

What the vulnerability does

01Description

In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user uploaded files and lack of security measures preventing unwanted HTTP requests.

Key dates

02Disclosure timeline

July 7, 2022 CVE published
August 6, 2024 Record updated