Description
WordPress Plugin DZS Video Gallery is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin DZS Video Gallery version 3.1.3 is vulnerable; other versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
MODX Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-8775)
WordPress 4.0.x Arbitrary File Deletion Vulnerability (4.0 - 4.0.23)
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143)
YOURLS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3824)
IBMHttpServer Improper Input Validation Vulnerability (CVE-2023-26281)