Description
WordPress Plugin Tinymce Thumbnail Gallery is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Tinymce Thumbnail Gallery version 1.0.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.0 or latest
References
Related Vulnerabilities
WordPress 5.6.x Directory Traversal (5.6 - 5.6.13)
WordPress Plugin Related Posts by Zemanta Cross-Site Request Forgery (1.3.1)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.14)
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962)
WordPress Plugin Job Board by BestWebSoft Cross-Site Scripting (1.1.3)