CVE-2015-1784: 
WordPress vulnerability analysis and mitigation

CVE-2015-1784 affects the NextGEN Gallery WordPress plugin versions before 2.0.77.3. This vulnerability, along with CVE-2015-1785, allows attackers to gain full access over the web application through unsafe file upload validation and lack of security measures against unwanted HTTP requests. The plugin, being the sixth most popular WordPress plugin with over 12 million users, was discovered to be vulnerable on March 9th, 2015, and was patched on March 12th, 2015 (Nettitude Blog).

The vulnerability stems from improper validation of user-uploaded files and insufficient security measures preventing unwanted HTTP requests. The plugin's file upload functionality can be exploited by bypassing both client-side and server-side validation mechanisms. The attack involves manipulating file extensions, content-type headers, and inserting valid JPEG file headers to bypass security checks. The CVSS v3.1 base score is 8.8 (HIGH) with a vector string of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability affects approximately 12 million installations vulnerable to CSRF with webshell capabilities, 2.4 million installations vulnerable to webshell through unsafe file upload (for editor and subscriber level users), and 100,000 installations vulnerable to unauthenticated unsafe file upload through certain extensions. Successful exploitation could lead to complete system takeover, database access, and website defacement (Nettitude Blog).

The vulnerability was patched in version 2.0.77.3 of the NextGEN Gallery plugin. Users should update to this version or later to mitigate the risk (WPScan).