Forum | Plugins | Researchers find “severe” flaw in NextGEN Gallery Plugin | WordPress NYC Community

Group Admins

Plugins

Public Group active 4 months, 4 weeks ago ago

Talk about your favorite plugins and ask others for advice about finding or using Wordpress plugins

Researchers find “severe” flaw in NextGEN Gallery Plugin

Tagged: Exploit, plugin

This topic contains 0 replies, has 1 voice, and was last updated by Joly MacFie 1 year, 9 months ago.

Viewing 1 post (of 1 total)

Author

Posts
February 28, 2017 at 7:25 pm #3332

Joly MacFie
Participant

https://arstechnica.com/security/2017/02/severe-vulnerability-in-wordpress-plugin-could-affect-1-million-sites/

To exploit the vulnerability, attackers would have to create a feature found in the PHP programming language known as the $container_ids string. Untrusted visitors could achieve this against sites that use the NextGEN Basic TagCloud gallery feature by making slight modifications to the gallery URL.

“With this knowledge, an unauthenticated attacker could add extra sprintf/printf directives to the SQL query and use $wpdb->prepare’s behavior to add attacker controlled code to the executed query,” Monday’s blog post explained.

For the attack to work, a website would have to be set up to allow users to submit posts to be reviewed. An attacker could create an account on the site and submit a post that contains malformed NextGEN Gallery shortcodes.
Author

Posts

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.