Description
WordPress Plugin article2pdf is prone to multiple vulnerabilities, including arbitrary file deletion and arbitrary file disclosure vulnerabilities. An attacker can exploit these vulnerabilities to delete arbitrary files or to view local files in the context of the web server process, which may aid in launching further attacks. WordPress Plugin article2pdf version 0.27 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin BackWPup Cross-Site Scripting (3.2.3)
TYPO3 Improper Authentication Vulnerability (CVE-2023-47127)
WebLogic CVE-2021-2382 Vulnerability (CVE-2021-2382)
Apache 2.x version older than 2.0.63
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0724)