Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2023-3279
HistoryOct 16, 2023 - 7:39 p.m.

CVE-2023-3279 NextGEN Gallery < 3.39 - Admin+ Local File Inclusion

2023-10-1619:39:18
WPScan
www.cve.org
3
cve-2023-3279
nextgen gallery
admin+
local file inclusion
wordpress plugin

AI Score

6

Confidence

High

EPSS

0.001

Percentile

23.9%

JSON

The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "WordPress Gallery Plugin",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "3.39"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Related

nvd 1
wpvulndb 1
cve 1
wpexploit 1
prion 1
openvas 1
nvd
nvd
CVE-2023-3279
2023-10-16 20:15:14
wpvulndb
wpvulndb
NextGEN Gallery < 3.39 - Admin+ Local File Inclusion
2023-09-25 00:00:00
cve
cve
CVE-2023-3279
2023-10-16 20:15:14
wpexploit
wpexploit
NextGEN Gallery < 3.39 - Admin+ Local File Inclusion
2023-09-25 00:00:00
prion
prion
Design/Logic Flaw
2023-10-16 20:15:00
openvas
openvas
WordPress NextGEN Gallery Plugin < 3.39 Multiple Vulnerabilities
2023-10-18 00:00:00

AI Score

6

Confidence

High

EPSS

0.001

Percentile

23.9%

JSON
Related for CVELIST:CVE-2023-3279
nvd1wpvulndb1cve1wpexploit1prion1openvas1