Description
WordPress Plugin Page Flip Image Gallery is prone to a remote file disclosure vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Page Flip Image Gallery versions 0.2.2 and below are vulnerable.
Remediation
Update to the latest version
References
http://www.exploit-db.com/exploits/7543/
http://packetstormsecurity.com/files/view/73347/wppageflip-disclose.txt
Related Vulnerabilities
WordPress Plugin Premium Addons for Elementor Cross-Site Scripting (3.7.2)
WordPress Plugin Social Media Widget by Acurax Multiple Unspecified Vulnerabilities (3.2.3)
MediaWiki Improper Authentication Vulnerability (CVE-2021-36128)
WordPress Plugin AJS Instagram Feed Cross-Site Scripting (1.0)
WordPress Plugin User Submitted Posts Cross-Site Scripting (20151113)