Description
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery version 1.3.33 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.34 or latest
References
Related Vulnerabilities
WordPress Plugin World of Warcraft-Armory Table Cross-Site Scripting (0.2.5)
PHP Improper Input Validation Vulnerability (CVE-2015-3411)
WordPress Plugin Flickr Justified Gallery Cross-Site Scripting (3.3.6)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (3.7.0)