Unauthenticated Arbitrary File Download & SSRF vulnerability discovered by Gabriele Zuddas in All-in-One Video Gallery Plugin (versions 2.5.8 to 2.6.0)
Update the WordPress All-in-One Video Gallery plugin to the latest available version (at least 2.6.1).
CPE | Name | Operator | Version |
---|---|---|---|
all-in-one video gallery | ge | 2.5.8 | |
all-in-one video gallery | le | 2.6.0 |