Which versions of NextGEN Gallery are affected by EUVD-2026-31073?

The NextGEN Gallery WordPress plugin (Awesome Motive) versions before 4.2.1 contain a critical vulnerability allowing unauthorized database access and data theft.. A patch is available.

NextGEN Gallery EUVD-2026-31073

Q: What is the CVSS score of EUVD-2026-31073?

EUVD-2026-31073 has a CVSS 4.0 base score of 9.3 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2026-9059 CRITICAL

SQL Injection (CWE-89)

2026-05-20 tenable

GHSA-q977-85xc-w698

SQLi

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

May 20, 2026 - 09:30 vuln.today

Patch available

May 20, 2026 - 09:01 EUVD

DescriptionNVD

NextGEN Gallery version prior to 4.2.1 are vulnerable to authenticated SQL injection via the 'orderby' parameter on the REST API endpoints '/imagely/v1/galleries' and '/imagely/v1/albums'.

The root cause is an insufficient sanitization function ('_clean_column()') in the data mapper layer that uses a character blacklist instead of a whitelist approach. This allows an authenticated attacker with the 'NextGEN Gallery overview' capability (assigned to the Administrator role by default) to inject arbitrary SQL into the 'ORDER BY' clause.

AnalysisAI

Authenticated SQL injection in NextGEN Gallery (WordPress plugin by Awesome Motive/Imagely) before version 4.2.1 allows attackers holding the 'NextGEN Gallery overview' capability - granted to Administrators by default - to inject arbitrary SQL via the 'orderby' parameter on the '/imagely/v1/galleries' and '/imagely/v1/albums' REST endpoints. CVSS 4.0 rates this 9.3 due to high confidentiality, integrity, and scope impact; no public exploit identified at time of analysis, but the issue was reported by Tenable Research (TRA-2026-42) and a vendor patch is available.

RemediationAI

Within 24 hours: Identify all WordPress installations using NextGEN Gallery and document current versions. Within 7 days: Update NextGEN Gallery to version 4.2.1 or later on all affected sites; review administrator role assignments and restrict the 'NextGEN Gallery overview' capability to only essential personnel. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-31073 vulnerability details – vuln.today

Back

NextGEN Gallery EUVD-2026-31073

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

NextGEN Gallery EUVD-2026-31073

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code