From securityonline.info
A critical directory traversal vulnerability has been found in a popular WordPress plugin. The affected plugin, Photo Gallery by 10Web – Mobile-Friendly Image Gallery, has over 200,000 active installations.
Photo Gallery is the leading plugin for building beautiful mobile-friendly galleries in a few minutes. It’s simple to use yet packed with powerful functionality, allowing you to create anything from simple to complex photo galleries.