WordPress Gallery Plugin – NextGEN Gallery, CVE-2008-7175
- CVE, Research URL
- Application
- Published on
- Sep 08, 2009
- Research Description
- Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.
- Affected versions
-
Min -, max 2.0.1.
- Status
-
vulnerable