The All-in-One Video Gallery plugin for WordPress has a security issue that affects all versions up to 3.6.5. This can allow attackers with contributor-level access or higher to include and run their own files on the server. This can lead to unauthorized access, sensitive information being accessed, or even the execution of harmful code.