cleantalk
Vulnerabilities and Security Researches

WordPress Gallery Plugin – NextGEN Gallery, CVE-2022-38468

CVE, Research URL

CVE-2022-38468

Home page URL

Security reports for WordPress Gallery Plugin – NextGEN Gallery

Application

WordPress Gallery Plugin – NextGEN Gallery

Published on
Mar 01, 2023
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration.
Affected versions
Min -, max 2.0.66.
Status
vulnerable
Previous vulnerability researches
Geo2 Maps Add-on for NextGEN Gallery (4624f982-a331-414c-88c3-12761807ec95) , Jun 07, 2024
NextGEN Gallery Voting (CVE-2025-28869) , Mar 26, 2025
NextGEN Gallery Voting (488bd710de9089b64a6d30cba806517c0fb9fdf5) , Jun 07, 2024
WordPress Gallery Plugin &#8211; NextGEN Gallery (CVE-2024-5020) , Dec 06, 2024
WordPress Gallery Plugin &#8211; NextGEN Gallery (CVE-2024-10545) , Feb 27, 2025
New vulnerability
Form Maker by 10Web &#8211; Mobile-Friendly Drag &amp; Drop Contact Form Builder (CVE-2025-48341) , May 21, 2025
Back Button Widget (CVE-2025-48252) , May 21, 2025
Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China (CVE-2025-48243) , May 21, 2025
Free Shipping Amount Label &amp; Progress Bar for WooCommerce (CVE-2025-48253) , May 21, 2025
WordPress Gallery Plugin &#8211; NextGEN Gallery (CVE-2024-5878) , May 21, 2025