Simple Image Gallery PRO [plg_content_jw_sigpro], 3.0.7 and below, XSS (Cross Site Scripting)
Extension includes vulnerable version of JS library prettyPhoto
Vulnerability fixed in version 3.0.8
Update notice: http://www.joomlaworks.net/forum/product-updates/41928-june-22nd,-2015-simple-image-gallery-pro-v3-0-8
please contact the developer for more information.