Description
WordPress Plugin NextGEN Gallery-WordPress Gallery is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin NextGEN Gallery-WordPress Gallery version 2.1.56 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.60 or latest
References
Related Vulnerabilities
Apache Tomcat version older than 6.0.36
WordPress Plugin WP Fastest Cache Local File Inclusion (0.8.5.9)
WordPress Improper Input Validation Vulnerability (CVE-2019-20041)
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111)
Moodle Incorrect Default Permissions Vulnerability (CVE-2012-1157)