cleantalk
Vulnerabilities and Security Researches

WordPress Gallery Plugin – NextGEN Gallery, CVE-2016-10889

CVE, Research URL

CVE-2016-10889

Home page URL

Security reports for WordPress Gallery Plugin – NextGEN Gallery

Application

WordPress Gallery Plugin – NextGEN Gallery

Published on
Aug 14, 2019
Research Description
The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name.
Affected versions
Min -, max 2.1.57.
Status
vulnerable
Previous vulnerability researches
Geo2 Maps Add-on for NextGEN Gallery (4624f982-a331-414c-88c3-12761807ec95) , Jun 07, 2024
NextGEN Gallery Voting (CVE-2025-28869) , Mar 26, 2025
NextGEN Gallery Voting (488bd710de9089b64a6d30cba806517c0fb9fdf5) , Jun 07, 2024
WordPress Gallery Plugin – NextGEN Gallery (CVE-2024-5020) , Dec 06, 2024
WordPress Gallery Plugin – NextGEN Gallery (CVE-2024-10545) , Feb 27, 2025
New vulnerability
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2025-48341) , May 21, 2025
Back Button Widget (CVE-2025-48252) , May 21, 2025
Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China (CVE-2025-48243) , May 21, 2025
Free Shipping Amount Label & Progress Bar for WooCommerce (CVE-2025-48253) , May 21, 2025
WordPress Gallery Plugin – NextGEN Gallery (CVE-2024-5878) , May 21, 2025