A critical unrestricted file upload vulnerability in Fastw3b LLC's FW Gallery plugin allows an unauthenticated attacker to upload malicious files, potentially leading to remote code execution on the affected server.**

The software contains an unrestricted file upload vulnerability. An unauthenticated attacker can exploit this flaw by uploading a file with a dangerous type (e.g., a web shell) to the server, bypassing any intended security restrictions. Successful exploitation allows the attacker to place malicious, executable code on the web server.