source: https://www.securityfocus.com/bid/57256/info

The Gallery plugin for WordPress is prone to an arbitrary file-access vulnerability.

Remote attackers can exploit this issue to read arbitrary files. This may lead to further attacks.

Gallery 3.8.3 is vulnerable; other versions may also be affected.

http://www.example.com/wp-content/plugins/gallery-plugin/gallery-plugin.php?filename_1=[AFR]