Description
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery version 1.3.42 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.43 or latest
References
Related Vulnerabilities
WordPress Plugin Job Board Vanila Cross-Site Scripting (1.0)
WordPress Plugin CP Contact Form with PayPal Multiple Vulnerabilities (1.1.5)
WordPress Plugin Meta Slider and Carousel with Lightbox Cross-Site Request Forgery (1.6.2)
WordPress Plugin Subscribe2 Unspecified Vulnerability (10.20.5)
Oracle Application Server Other Vulnerability (CVE-2002-0568)