Known Vulnerabilities for products from Imagely
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Imagely".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-3097 json | The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a m... | Not Provided | 2024-04-09 | 2026-04-08 |
| CVE-2023-48328 json | 8.8 - HIGH | 2023-11-30 | 2023-12-06 | |
| CVE-2023-3279 json | The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to genera... | 4.9 - MEDIUM | 2023-10-16 | 2023-11-07 |
| CVE-2023-3155 json | The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of in... | 7.2 - HIGH | 2023-10-16 | 2023-11-07 |
| CVE-2023-3154 json | The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization due to a lack of input parame... | 7.5 - HIGH | 2023-10-16 | 2023-11-07 |
| CVE-2022-38468 json | Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leadin... | 4.3 - MEDIUM | 2023-03-01 | 2023-11-07 |
| CVE-2021-24293 json | In the eCommerce module of the NextGEN Gallery Pro WordPress plugin before 3.1.11, there is an action to call get_cart_items ... | 6.1 - MEDIUM | 2021-05-05 | 2021-05-13 |
| CVE-2020-35943 json | A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugin before 3.5.0 for WordPress allows File Upload. (It is... | 6.5 - MEDIUM | 2021-02-09 | 2021-02-12 |
| CVE-2020-35942 json | A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugin before 3.5.0 for WordPress allows File Upload and Loc... | 8.8 - HIGH | 2021-02-09 | 2021-07-21 |
| CVE-2019-14314 json | A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitati... | 9.8 - CRITICAL | 2019-08-27 | 2019-12-16 |
| CVE-2018-1000172 json | Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting (XSS) vulnerability in Image Alt & Title T... | 4.8 - MEDIUM | 2018-04-30 | 2018-06-07 |
| CVE-2018-7586 json | In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. | 7.5 - HIGH | 2018-03-01 | 2020-03-05 |
| CVE-2016-10889 json | The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name. | 9.8 - CRITICAL | 2019-08-14 | 2019-08-16 |
| CVE-2016-6565 json | The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile... | 7.5 - HIGH | 2018-07-13 | 2019-10-09 |
| CVE-2015-9538 json | The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection. | 6.5 - MEDIUM | 2019-11-26 | 2020-11-10 |
| CVE-2015-9537 json | The NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_width, thumbnail_height, t... | 5.4 - MEDIUM | 2019-11-26 | 2020-11-10 |
| CVE-2015-9229 json | In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remot... | 4.8 - MEDIUM | 2017-09-12 | 2020-11-10 |
| CVE-2015-9228 json | In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the ... | 8.8 - HIGH | 2017-09-12 | 2020-10-29 |
| CVE-2015-1785 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-07-07 | 2022-07-14 |
| CVE-2015-1784 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-07-07 | 2022-07-14 |
Known software with vulnerabilities from Imagely
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Imagely | Nextgen Gallery | 1.5.0 |