CVE-2019-16118 (photo_gallery)

Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php.
Source: NIST
CVE-2019-16118 (photo_gallery)