Cross-Site Scripting Vulnerability Discovered In WordPress Photo Gallery Plugin | Fortinet Blog

With over 12 million downloads, Photo Gallery is one of the most popular WordPress plugins; users should be sure to upgrade to the latest version.

FortiGuard Labs disclosed a vulnerability today in the WordPress Photo Gallery plugin that could potentially be used to gather information from system administrators. With over 100,000 active installations and robust photo management and editing tools, this particular cross-site scripting vulnerability has significant security implications across the many retail, media, and other WordPress-driven websites that use it to display and host pictures.

Cross-Site Scripting Vulnerability Discovered In WordPress Photo Gallery Plugin | Fortinet Blog