The WP Easy Gallery plugin is vulnerable to an attack called Stored Cross-Site Scripting. This type of attack affects versions of the plugin before 4.1.5 and can allow someone with access to inject malicious web scripts into a page. When a victim visits the page, the script will execute. To protect against this type of attack, users should update to version 4.1.5 or later.