Critical WordPress Plugin Flaw Allows Site Takeover

A patch in the NextGen Gallery WordPress plugin fixes critical and high-severity cross-site request forgery flaws.
Source: Threadpost