The Gallery Photoblocks plugin for WordPress is vulnerable to security threats. An unauthenticated attacker can inject malicious web scripts into pages if they can convince a user to click on a link. This vulnerability exists in versions up to and including 1.1.40 because the plugin doesn’t properly sanitize user input or escape output.