Description
WordPress Plugin Page Flip Image Gallery is prone to a remote file disclosure vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Page Flip Image Gallery versions 0.2.2 and below are vulnerable.
Remediation
Update to the latest version
References
http://www.exploit-db.com/exploits/7543/
http://packetstormsecurity.com/files/view/73347/wppageflip-disclose.txt
Related Vulnerabilities
Sqlite Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-6607)
OpenSSL Other Vulnerability (CVE-2006-7250)
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
WordPress Plugin Elementor Website Builder Unspecified Vulnerability (1.8.8)
WordPress Plugin Delete Duplicate Posts Security Bypass (4.1.9.4)