Lack of Nonce Validation in Insta-Gallery Plugin for WordPress

Lack of Nonce Validation in Insta-Gallery Plugin for WordPress

CVE-2019-15779 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete.

Learn more about our Wordpress Pen Testing.