Description
WordPress Plugin Page Flip Image Gallery is prone to a remote file disclosure vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Page Flip Image Gallery versions 0.2.2 and below are vulnerable.
Remediation
Update to the latest version
References
http://www.exploit-db.com/exploits/7543/
http://packetstormsecurity.com/files/view/73347/wppageflip-disclose.txt
Related Vulnerabilities
WordPress Plugin Smash Balloon Social Post Feed Unspecified Vulnerability (2.4.2)
WordPress Plugin Bannerlid Cross-Site Scripting (1.1.0)
WordPress Plugin WordPress Meta Robots SQL Injection (2.1)
WordPress Plugin WP Easy Columns Cross-Site Scripting (2.1.3)
WordPress Plugin AVH Extended Categories Widgets Unspecified Vulnerability (4.0.2)