A vulnerability described as problematic has been identified in plugins360 All-in-One Video Gallery Plugin up to 4.8.5 on WordPress. This vulnerability affects unknown code of the component Request Handler. The manipulation of the argument vdl results in server-side request forgery.

This vulnerability is cataloged as CVE-2026-12123. The attack may be launched remotely. There is no exploit available.