Threat Post

Critical WordPress Plugin Flaw Allows Site Takeover

A patch in the NextGen Gallery WordPress plugin fixes critical and high-severity cross-site request forgery flaws. Researchers are urging WordPress websites that utilize the NextGen Gallery plugin to ...
Threat Post

Million-Plus WordPress Sites Exposed by Vulnerable Plugin

The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk. A popular WordPress gallery plugin with more ...
TechRadar

Update this popular WordPress plugin immediately, thousands of users warned

Multiple serious vulnerabilities have been fixed in popular WordPress plugin NextGEN Gallery, which has an active install base of more than 800,000 users. As discovered by the security team at ...
Bleeping Computer

Severe SQL Injection Flaw Discovered in WordPress Plugin with Over 1 Million Installs

A WordPress plugin installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website's database. The vulnerable plugin's ...
Bleeping Computer

Critical vulnerability fixed in WordPress plugin with 800K installs

The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks. NextGen Gallery, a WordPress plugin used for creating image ...