Description
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery version 1.3.42 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.43 or latest
References
Related Vulnerabilities
WordPress Plugin Checklist Cross-Site Scripting (1.1.5)
WordPress Plugin The Events Calendar Countdown Addon Security Bypass (1.3.1)
WordPress Plugin Automattic Stats Referer Field HTML Injection (1.0)
WordPress Plugin underConstruction Cross-Site Request Forgery (1.08)
WordPress Plugin Pluginception Multiple Cross-Site Scripting Vulnerabilities (1.2)