Plugin Name: PhotoStack Gallery
File Path: photostack-gallery / trunk / photo_gallery.php
Last Change: 457217, committed 14 years ago
File Size: 5.3 KB
Version: 0.4.1
Author: Savita at WPoets
Plugin URL: http://www.wpoets.com/plugins/photostack-gallery-a-portfolio-and-image-gallery-plugin-for-wordpress/
Description: Allows users to create image galleries that look like photo stacks.

Potential Vulnerabilities:
- Line 227-253: Potential SQL injection vulnerability in the function where the SQL query is constructed using user input without proper sanitization.
- Line 236: The variable is used directly in the SQL query, which could be exploited if not properly validated.
- Line 249: Direct use of without escaping output could lead to XSS vulnerabilities.

Suggested Actions:
- Validate and sanitize user input before using it in SQL queries.
- Ensure output is properly escaped to prevent XSS attacks.
- Consider using prepared statements for SQL queries.