Vulnerabilities > Imagely > Low

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2015-9537 Cross-site Scripting vulnerability in Imagely Nextgen Gallery
The NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_width, thumbnail_height, thumbwidth, thumbheight, wmXpos, and wmYpos, and template.
network
imagely CWE-79
3.5
2018-04-30 CVE-2018-1000172 Cross-site Scripting vulnerability in Imagely Nextgen Gallery
Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting (XSS) vulnerability in Image Alt & Title Text.
network
imagely CWE-79
3.5
2017-09-12 CVE-2015-9229 Cross-site Scripting vulnerability in Imagely Nextgen Gallery 2.1.15
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter.
network
imagely CWE-79
3.5