| Tinymce Thumbnail Gallery Plugin for WordPress contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the download-image.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'href' parameter. This directory traversal attack would allow the attacker to gain access to arbitrary files. |
