Description
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery version 1.3.33 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.34 or latest
References
Related Vulnerabilities
WordPress Plugin EWWW Image Optimizer Cloud Cross-Site Scripting (2.0.1)
WordPress Plugin WooCommerce Object Injection (2.3.10)
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.25)
WordPress Plugin Form Store to DB Unspecified Vulnerability (1.1.0)
WordPress Plugin Sexy Add Template Cross-Site Request Forgery (1.0)