Contributor SQL Injection in Gallery <= 4.7.8 versions.
Update the WordPress Gallery Plugin to the latest available version (at least 4.7.9).