Description
WordPress Plugin Tinymce Thumbnail Gallery is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Tinymce Thumbnail Gallery version 1.0.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.0 or latest
References
Related Vulnerabilities
MySQL CVE-2016-0600 Vulnerability (CVE-2016-0600)
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)
SharePoint CVE-2020-1205 Vulnerability (CVE-2020-1205)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477)
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.22)