Vulnerabilities in NextGEN Gallery Plugin Exposed Many WordPress Sites to Takeover
2021-02-10 09:51

Two severe vulnerabilities in the NextGEN Gallery WordPress plugin could have exposed more than 800,000 websites to complete takeover, WordPress security company Defiant reported on Monday.

Available for more than a decade, the plugin provides users with a broad range of gallery management capabilities, such as batch upload of photos, metadata import, thumbnail editing, photo and gallery management, and more.

In December 2020, security researchers with Defiant's Wordfence team discovered two cross-site request forgery vulnerabilities in the popular plugin, the most severe of which could lead to remote code execution and stored cross-site scripting.

"Exploitation of these vulnerabilities could lead to a site takeover, malicious redirects, spam injection, phishing, and much more," the security researchers say.

Because NextGEN Gallery supports the upload of custom CSS files, the vulnerability allows for the upload of arbitrary code with double extensions, such as.

Wordfence reported these vulnerabilities to the plugin's publisher, Imagely, on December 14, 2020, and a patched version of the plugin was published three days later.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/5cTAgdJrNvY/vulnerabilities-nextgen-gallery-plugin-exposed-many-wordpress-sites-takeover