Description
WordPress Plugin Gallery-Flagallery Photo Portfolio is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Gallery-Flagallery Photo Portfolio version 4.24 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.25 or latest
References
https://research.g0blin.co.uk/cve-2014-8491/
https://wordpress.org/plugins/flash-album-gallery/changelog/
Related Vulnerabilities
WordPress Plugin Asset Manager 'upload.php' Arbitrary File Upload (0.3)
SharePoint CVE-2023-33159 Vulnerability (CVE-2023-33159)
WordPress Plugin PHP Everywhere Multiple Remote Code Execution Vulnerabilities (2.0.3)
WordPress Plugin Download Manager Arbitrary File Deletion (3.2.50)
Oracle Database Server CVE-2009-3411 Vulnerability (CVE-2009-3411)