NextGEN Gallery is an extraordinarily popular plugin for self-hosted WordPress websites, having been downloaded over 16.5 million times.
The software’s widespread popularity (it claims to have been “the industry’s standard WordPress gallery plugin” since 2007) makes it a seemingly obvious choice for website owners looking to add image galleries to their sites.
Researchers at Sucuri uncovered a severe SQL injection vulnerability in NextGEN Gallery’s code which could be used by a malicious attacker to steal sensitive information such as hashed passwords and WordPress secret keys:
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=Cybersecurity