Description
WordPress Plugin Gallery-Flagallery Photo Portfolio is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Gallery-Flagallery Photo Portfolio version 4.24 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.25 or latest
References
https://research.g0blin.co.uk/cve-2014-8491/
https://wordpress.org/plugins/flash-album-gallery/changelog/
Related Vulnerabilities
Oracle JRE CVE-2018-2633 Vulnerability (CVE-2018-2633)
WordPress Plugin Leaky Paywall Cross-Site Scripting (4.16.5)
PostgreSQL Other Vulnerability (CVE-2009-4136)
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)