Tag Archives: 1.1

Security Fix for Lazyest Gallery

Daniel Marques found a security vulnerability in the EXIF functions in Lazyest Gallery. Basically someone could upload an image file with Javascript as EXIF data which will be rendered by the browser. All EXIF output is now properly escaped.

Lazyest Gallery runs on WordPress 3.8.1. I have corrected some HTML errors in the uploader tab.