Title: [Plugin: NextGEN Gallery] fell security ? Last modified: August 19, 2016 --- # [Plugin: NextGEN Gallery] fell security ? * [Pense Libre](https://wordpress.org/support/users/pense-libre/) * (@pense-libre) * [17 years, 11 months ago](https://wordpress.org/support/topic/plugin-nextgen-gallery-fell-security/) * french forum give a signal fell security in this plugin may you say me the reality about that ? * [http://wordpress.org/extend/plugins/nextgen-gallery/](http://wordpress.org/extend/plugins/nextgen-gallery/) Viewing 5 replies - 1 through 5 (of 5 total) * [bee-dudler](https://wordpress.org/support/users/bee-dudler/) * (@bee-dudler) * [17 years, 11 months ago](https://wordpress.org/support/topic/plugin-nextgen-gallery-fell-security/#post-796492) * Hi, may you kindly post a link to that Forum thread? best regards bee * Thread Starter [Pense Libre](https://wordpress.org/support/users/pense-libre/) * (@pense-libre) * [17 years, 11 months ago](https://wordpress.org/support/topic/plugin-nextgen-gallery-fell-security/#post-796529) * hi, tks for your quick answer, here is : * [http://www.wordpress-fr.net/support/sujet-14850-alerte-faille-securite-nextgen-gallery-inferieures](http://www.wordpress-fr.net/support/sujet-14850-alerte-faille-securite-nextgen-gallery-inferieures) in french * inside the link there [http://blogsecurity.net/wordpress/nextgen-gallery-xss-flaw/](http://blogsecurity.net/wordpress/nextgen-gallery-xss-flaw/) in english ! * i follow you tks * Annie [http://www.penseelibre.info/blog/](http://www.penseelibre.info/blog/) * [Commeuneimage](https://wordpress.org/support/users/commeuneimage/) * (@commeuneimage) * [17 years, 11 months ago](https://wordpress.org/support/topic/plugin-nextgen-gallery-fell-security/#post-796549) * Hi, The information source is [http://blogsecurity.net/wordpress/nextgen-gallery-xss-flaw/](http://blogsecurity.net/wordpress/nextgen-gallery-xss-flaw/) * The french forum thread is [http://www.wordpress-fr.net/support/viewtopic.php?pid=82612#p82612](http://www.wordpress-fr.net/support/viewtopic.php?pid=82612#p82612) * Regards * [bee-dudler](https://wordpress.org/support/users/bee-dudler/) * (@bee-dudler) * [17 years, 11 months ago](https://wordpress.org/support/topic/plugin-nextgen-gallery-fell-security/#post-796552) * Hi, this already has been discussed on Alex page (which is currently offline- moving) and its a question wether to define this as a security problem, hence you have to be logged in as admin as he told to the wp backend. If you are you can do everything you like anyway putting malicious code anywhere. So to me it seems not to be a security issue. * best regards bee * [Alex Rabe](https://wordpress.org/support/users/alexrabe/) * (@alexrabe) * [17 years, 11 months ago](https://wordpress.org/support/topic/plugin-nextgen-gallery-fell-security/#post-796662) * A author/editor/admin which has the rights/capabilities to edit galleries can enter any malicious script code inside the description field of a picture. * So if you grant people access to your blog , which you can’t trust it’s better not to use NextGEN gallery. For me this is not a security problem, because the same can happend at any post/page… And nobody claim this as an XSS. * I’m open for any criticism in this point Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘[Plugin: NextGEN Gallery] fell security ?’ is closed to new replies. * 5 replies * 4 participants * Last reply from: [Alex Rabe](https://wordpress.org/support/users/alexrabe/) * Last activity: [17 years, 11 months ago](https://wordpress.org/support/topic/plugin-nextgen-gallery-fell-security/#post-796662) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics