Description
WordPress Plugin Advanced Classifieds & Directory Pro is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Advanced Classifieds & Directory Pro version 3.1.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.2.1 or latest
References
Related Vulnerabilities
WordPress 3.9.x Cross-Domain Flash Injection Vulnerability (3.9 - 3.9.22)
WordPress Plugin Helios Solutions Brand Logo Slider Arbitrary File Upload (2.1)
phpMyAdmin Other Vulnerability (CVE-2007-0095)
MySQL CVE-2020-14567 Vulnerability (CVE-2020-14567)
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler Cross-Site Scripting (5.0.2)