VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 8, 2009· Updated Apr 23, 2026

CVE-2008-7175

CVE-2008-7175

Description

Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.

Affected products

34
  • Alex Rabe/Nextgen Gallery34 versions
    cpe:2.3:a:alex_rabe:nextgen_gallery:*:*:*:*:*:*:*:*+ 33 more
    • cpe:2.3:a:alex_rabe:nextgen_gallery:*:*:*:*:*:*:*:*range: <=0.96
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.33:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.34:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.35:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.36:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.37:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.39:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.40:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.42:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.43:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.50:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.51:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.52:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.60:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.61:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.62:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.63:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.64:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.70:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.71:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.72:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.73:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.74:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.80:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.81:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.82:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.83:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.90:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.91:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.92:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.93:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.94:*:*:*:*:*:*:*
    • cpe:2.3:a:alex_rabe:nextgen_gallery:0.95:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.