Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin before 3.0.70for WordPress allows remote attackers to inject arbitrary web script or HTML via the order_id parameter in the gallery_album_sorting page to wp-admin/admin.php.Referenceshttps://g0blin.co.uk/cve-2014-8758/https://wpvulndb.com/vulnerabilities/8236
