via pluginvulnerabilities.com => original post link
On Monday, a report was posted on Packet Storm claiming that the latest version of the WordPress plugin Photo Gallery by 10Web, 1.8.0, had a reflected cross-site scripting (XSS) vulnerability. That type of vulnerability isn’t a major issue and isn’t something that would be expected to be exploited on a wide-scale, if exploited at all. The plugin does have 300,000+ active installations according to WordPress, so there still could be a lot of websites that would be impacted. That would be if there was a vulnerability, but there wasn’t.
It shouldn’t be hard to tell this is a false report. [Read more]