Description
WordPress Plugin Tinymce Thumbnail Gallery is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Tinymce Thumbnail Gallery version 1.0.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.0 or latest
References
Related Vulnerabilities
WordPress Plugin Social Media Widget by Acurax Multiple Unspecified Vulnerabilities (3.2.3)
WordPress Plugin BruteBank-WP Security & Firewall Cross-Site Request Forgery (1.8)
WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0)
WordPress Plugin Google Maps Ready! Cross-Site Request Forgery (1.1.5)