Description
The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
Remediation
References
Related Vulnerabilities
WordPress Plugin Product Reviews Import Export for WooCommerce Cross-Site Request Forgery (1.3.2)
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.5)
WordPress Plugin Custom Field Suite Cross-Site Request Forgery (2.5.15)
WordPress Plugin Html5 Audio Player-Audio Player for WordPress Cross-Site Scripting (2.1.2)
WordPress Plugin FoxyPress Multiple Vulnerabilities (0.4.2.5)