Description
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery version 1.5.24 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.5.25 or latest
References
Related Vulnerabilities
Oracle Database Server Other Vulnerability (CVE-2002-0567)
Apache HTTP Server Other Vulnerability (CVE-2002-0661)
ownCloud Improper Input Validation Vulnerability (CVE-2013-2044)
WordPress Plugin Exit Popup Show Cross-Site Scripting (1.0)
WordPress Plugin N-Media Post Front-end Form Arbitrary File Upload (1.0)