Description
WordPress Plugin Blogtopdf is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Blogtopdf version 1.0.2 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin AffiliateWP SQL Injection (1.5.6)
Joomla! Core 1.5.x Open Redirect (1.5.0 - 1.5.6)
WordPress Plugin Ultimate Instagram Feed Unspecified Vulnerability (1.3)
WordPress Plugin Emag Marketplace Connector Cross-Site Scripting (1.0.0)
WordPress Plugin eBay Feeds for WordPress Cross-Site Scripting (1.0)