Description
WordPress Plugin DM Albums is prone to multiple vulnerabilities that can allow attackers to delete arbitrary files. The issues occur because the software fails to properly sanitize user-supplied input. Attackers can exploit these issues to delete arbitrary files on the victim's computer in the context of the vulnerable application. WordPress Plugin DM Albums versions prior to 2.1 are affected, but note that version 2.1 is still vulnerable to one of the issues.
Remediation
Update to plugin version 2.3.1 or latest
References
Related Vulnerabilities
WordPress Plugin WPML (WordPress Multilingual) Multiple Vulnerabilities (3.1.8.6)
WordPress Plugin Slideshow Gallery LITE Cross-Site Scripting (1.6.4)
MySQL CVE-2019-2963 Vulnerability (CVE-2019-2963)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0792)
WordPress Plugin Bad Behavior Multiple Vulnerabilities (2.2.18)