Another iOS flaw was recently reported by the New York Times that developers may grab all your photos (in addition to your whole address book) through any Apps in your iPhone or iPad if access to location information was previously granted.
According to this report:
The New York Times asked a developer, who asked not to be named because he worked for a popular app maker and did not want to involve his employer, to create a test application that collected photos and location information from an iPhone. When the test app, PhotoSpy, was opened, it asked for access to location data. Once this was granted, it began siphoning photos and their location data to a remote server. (The app was not submitted to the App Store.)
According to the Verge, Apple will very likely release a fix for this issue:
Apple has been made aware of the issue and is likely planning a fix with an upcoming release of iOS. Those sources also confirmed that the ability to send your photos and videos to a third-party is an error, not an intended feature.
So, for the time being, if you have some very private photos, you should deny any access request for your location info.