Details

Authenticated via media upload module discovered by Vishnupriya Ilango (Fortinet FortiGuard Labs) in WordPress Gallery Bank plugin (version <= 4.0.50) Cross-site scripting (XSS) vulnerability.

solution

Deactivate and remove. This plugin is closed as of December 9, 2021 and cannot be downloaded. Reason: Security issue.

Sources.

Gallery Bank