The Gallery PhotoBlocks plugin for WordPress has a security vulnerability in versions up to 1.1.5. Attackers can use the vulnerability to inject malicious web scripts into a victim’s browser. This happens because the plugin does not properly sanitize user input or escape output.