What is CVE-2026-1463?

CVE-2026-1463 is a high-severity vulnerability in Smub Photo Gallery, Sliders, Proofing And Themes – Nextgen Gallery, classified under PHP Remote File Inclusion. CVSS score: 8.8/10. Published 2026-03-18.

How severe is CVE-2026-1463?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Smub Photo Gallery, Sliders, Proofing And Themes – Nextgen Gallery

CVE-2026-1463

The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.3 via the 'template' parameter in gallery shortcodes. This makes it poss…

EPSS: 0.002 (36.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Smub Photo Gallery, Sliders, Proofing And Themes – Nextgen Gallery — versions 0

Weakness classification (CWE)

CWE-98 — PHP Remote File Inclusion

References

Frequently asked questions

What is CVE-2026-1463?: CVE-2026-1463 is a high-severity vulnerability in Smub Photo Gallery, Sliders, Proofing And Themes – Nextgen Gallery, classified under PHP Remote File Inclusion. CVSS score: 8.8/10. Published 2026-03-18.
How severe is CVE-2026-1463?: High severity. CVSS v3 base score is 8.8 out of 10.