Description
WordPress Plugin WORDPRESS VIDEO GALLERY is prone to an open email relay vulnerability that lets attackers send mass emails without authentication. An attacker could exploit this issue to send unsolicited spam email to an unrestricted number of email addresses. WordPress Plugin WORDPRESS VIDEO GALLERY version 2.8 is vulnerable; other versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
http://www.homelab.it/index.php/2015/05/22/wordpress-video-gallery-2-8-unprotected-mail-page/
https://www.exploit-db.com/exploits/37106/
http://packetstormsecurity.com/files/132015/WordPress-Video-Gallery-2.8-Unprotected-Mail-Page.html