A recently discovered security vulnerability affects the 10Web Photo Gallery plugin, a popular WordPress plugin installed on more than 200,000 websites. This flaw could allow unauthenticated users—that is, attackers who do not need to log in—to delete image comments on sites running the Pro version of the plugin. All plugin versions up to and including 1.8.36 are impacted.
The 10Web Photo Gallery plugin is widely used to create and showcase image galleries, slideshows, and albums in a range of layouts. It is particularly popular among photography websites, portfolio pages, and businesses that rely heavily on visual content to engage visitors.
Understanding the Vulnerability
The flaw lies in the plugin’s delete_comment() function, which is responsible for managing image comment deletion. Normally, WordPress plugins check whether a user has the appropriate permissions before allowing content to be altered or removed. In this case, the plugin fails to verify whether a deletion request is authorised, meaning anyone can exploit the vulnerability to remove comments without permission.
This vulnerability is particularly concerning because it affects unauthenticated users. No login, registration, or elevated user permissions are needed to exploit the flaw. Consequently, the exposure is significant, particularly for sites that rely on image comments for community engagement, moderation history, or feedback.
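As an added illustration of the bug class described above (a hypothetical sketch, not the 10Web Photo Gallery plugin's actual code), the following WordPress AJAX handler shows a comment-deletion endpoint that performs no authorisation check beside a hardened version that does; the hook names, nonce action and table name are assumptions made for this example.

```php
<?php
// Hypothetical names used only for this example (not from the plugin).
const EXAMPLE_COMMENT_TABLE = 'example_gallery_image_comments';

// Vulnerable pattern: the handler is registered on a wp_ajax_nopriv_* hook,
// so unauthenticated visitors can reach it, and it deletes a row on request
// without any nonce or capability check.
function example_delete_comment_vulnerable() {
    global $wpdb;
    $comment_id = absint( $_REQUEST['comment_id'] ?? 0 );
    // No authorisation check at all: any caller supplying an id removes that row.
    $wpdb->delete( $wpdb->prefix . EXAMPLE_COMMENT_TABLE, array( 'id' => $comment_id ), array( '%d' ) );
    wp_send_json_success();
}
add_action( 'wp_ajax_nopriv_example_delete_comment', 'example_delete_comment_vulnerable' );
add_action( 'wp_ajax_example_delete_comment', 'example_delete_comment_vulnerable' );

// Hardened version: a nonce to defeat CSRF, a capability check so only comment
// moderators may delete, input validation, and no nopriv hook at all.
function example_delete_comment_hardened() {
    global $wpdb;

    // 1. Reject requests without a valid nonce (third argument false = do not die,
    //    so a JSON error can be returned instead; wp_send_json_error() exits).
    if ( ! check_ajax_referer( 'example_delete_comment_nonce', 'nonce', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid or missing nonce.' ), 403 );
    }

    // 2. Require a capability that matches the action being performed.
    if ( ! current_user_can( 'moderate_comments' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // 3. Validate input before it reaches the database.
    $comment_id = isset( $_POST['comment_id'] ) ? absint( $_POST['comment_id'] ) : 0;
    if ( 0 === $comment_id ) {
        wp_send_json_error( array( 'message' => 'Invalid comment id.' ), 400 );
    }

    $deleted = $wpdb->delete( $wpdb->prefix . EXAMPLE_COMMENT_TABLE, array( 'id' => $comment_id ), array( '%d' ) );
    if ( false === $deleted ) {
        wp_send_json_error( array( 'message' => 'Database error.' ), 500 );
    }
    wp_send_json_success( array( 'deleted' => $deleted ) );
}
// Only the authenticated hook is registered; deliberately no wp_ajax_nopriv_ variant.
add_action( 'wp_ajax_example_delete_comment_secure', 'example_delete_comment_hardened' );
```

The same three checks (nonce, capability, validated input) are what a reviewer should look for in any plugin handler that modifies or deletes user-generated content.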
Impact of Exploitation
Attackers exploiting this vulnerability could delete arbitrary image comments on a site. While the flaw does not allow a complete website takeover or direct server access, it can disrupt user interaction and potentially cause data loss, particularly for sites where image comments are an important feature. Security firm Wordfence has classified the threat at a medium severity level, with a 5.3 out of 10 rating.
It’s important to note that this issue only affects the Pro version of the plugin where the comments feature is enabled. Sites not using the comment function are not vulnerable to this specific problem.
Versions Affected
The vulnerability exists in all versions of the 10Web Photo Gallery plugin up to 1.8.36. Any site using a version below 1.8.37 that has comments enabled is at risk. No special server configuration or additional user action is required to exploit the flaw, making it straightforward for malicious actors to target vulnerable sites.
Recommended Actions for Site Owners
Site administrators should update the plugin to version 1.8.37 or later, which includes a patch addressing the issue. For those unable to update immediately, disabling the plugin or turning off the comments feature can prevent exploitation until the site can be updated.
It’s also a good reminder for WordPress site owners to regularly review and maintain all plugins, particularly those that handle user-generated content. Ensuring plugins are kept up to date, limiting unnecessary features, and monitoring for suspicious activity can greatly reduce exposure to security vulnerabilities.
Final Thoughts
While the 10Web Photo Gallery plugin remains a popular and useful tool for WordPress websites, this vulnerability underscores the importance of vigilance in plugin management. Updating to the latest version or temporarily disabling affected functionality is essential to protect sites and maintain the integrity of user interactions.