A dangerous SQL injection vulnerability has been detected in NextGEN Gallery, WordPress’ renowned image gallery plugin that currently has 1 million active installs. Researchers disclosed a remote code execution flaw last year in this plugin, so it is not a first time for NextGEN Gallery plugin to have become an easy prey.
Researchers at Sucuri, a web security firm, have identified this flaw which provides a hacker easy access to the targeted website’s sensitive data that also comprise of passwords and secret codes.
With the release of version 2.1.79 last week this flaw was detected, but there was no acknowledgement of it in the changelog. NextGEN Gallery developers have not disinfected its user input which has resulted in the SQL injection vulnerability.
Slavo Mihajloski, the Sucuri vulnerability researcher warned NextGEN’s users by saying, ‘This is quite a critical issue and if you’re using a vulnerable version of this plugin, update as soon as possible!’
Two possible attacks are likely to occur according to Slavco; One possibility is where the targeted website uses a NextGEN Basic TagCloud Gallery; the hacker can modify the URL of this gallery and eliminate SQL queries. Another possibility is where users submit review posts; a legitimate attacker can eliminate pernicious codes through shortcodes.
