The NextGen Gallery plugin is a tool created for WordPress that has a security vulnerability. This vulnerability affects versions up to and including 2.0, and it allows people to access files on the server that they shouldn’t have access to. These files may include sensitive information, such as passwords and personal data.