Description
WordPress Plugin Gallery-Flagallery Photo Portfolio is prone to multiple SQL injection, directory traversal and arbitrary file overwrite vulnerabilities. A successful exploit may allow an attacker to overwrite arbitrary files on the affected computer, compromise the application, disclose or delete potentially sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Gallery-Flagallery Photo Portfolio version 2.00 is vulnerable; other versions may also be affected.
Remediation
Update the plugin to version 2.17 or the latest available version.