Description
WordPress Plugin WordPress Filter Gallery is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently make unauthorized AJAX calls and delete/edit/add arbitrary galleries. WordPress Plugin WordPress Filter Gallery version 0.0.6 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.0.7 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:1B9AFC2C-2AD5-4B9A-BA8B-88784A378C8A
https://plugins.svn.wordpress.org/filter-gallery/trunk/readme.txt
Related Vulnerabilities
PHP Other Vulnerability (CVE-2002-0986)
Ruby Resource Management Errors Vulnerability (CVE-2008-4310)
Moodle Improper Input Validation Vulnerability (CVE-2017-2576)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9933)
WordPress Plugin Image Photo Gallery Final Tiles Grid Cross-Site Scripting (3.4.18)