Description
WordPress Plugin Meow Gallery (+ Gallery Block) is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update arbitrary options. WordPress Plugin Meow Gallery (+ Gallery Block) version 4.1.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.2.0 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:6CD95445-22BD-4666-8CF3-7979BFA5422D
https://plugins.svn.wordpress.org/meow-gallery/trunk/readme.txt
Related Vulnerabilities
MySQL CVE-2017-3651 Vulnerability (CVE-2017-3651)
Coppermine Improper Authentication Vulnerability (CVE-2005-3979)
MyBB Improper Input Validation Vulnerability (CVE-2008-4930)
WordPress Plugin Customize Youtube Videos Multiple Vulnerabilities (0.2)
WordPress Plugin Aspose Cloud eBook Generator Arbitrary File Download (1.0)