Got an email today stating that our site is vulnerable because of the following scan that Sitelock performed on our website –
Severity: HighCategory: csrf
Summary: NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF)
Description: Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration.
Severity: High
Category: acl violation
Summary: NextGEN Gallery <= 3.37 - Authenticated (Admininistrator+) Arbitrary File Read and Deletion in gallery_edit
Description: The NextGEN Gallery plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in versions up to, and including, 3.37. This is due to insufficient input validation within the gallery_edit function. This makes it possible for authenticated attackers, with administrator-level privileges and above, to read and delete arbitrary files.
Severity: High
Category: lfi
Summary: NextGEN Gallery < 3.39 - Admin+ Local File Inclusion
Description: The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks
Severity: Critical
Category: other
Summary: WordPress Gallery Plugin – NextGEN Gallery <= 3.38 - Authenticated (Admin+) PHAR Deserialization
Description: The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 3.38 via deserialization of untrusted input in the gallery_edit function. This makes it possible for authenticated attackers, with administrative-level access and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Severity: High
Category: other
Summary: WordPress Gallery Plugin – NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure
Description: The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_item function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data including EXIF and other metadata of any image uploaded through the plugin.
Is there a fix for this ?
