SQL Injection Vulnerability in NextGEN Gallery for WordPress
As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security issues. While auditing the WordPress plugin NextGEN Gallery, we discovered a severe SQL injection vulnerability. It allows an unauthenticated attacker to read data from the victim's WordPress database, including sensitive user information.
Are You at Risk?
This vulnerability can be exploited in at least two scenarios:
- If your site displays a NextGEN Basic TagCloud gallery, in which case the attack requires no authentication at all, or
- If you allow users to submit posts for review (the Contributor role), in which case an attacker only needs a low-privileged contributor account.