WordPress Plugin IMDb Profile Widget is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin IMDb Profile Widget version 1.0.8 is vulnerable; other versions may also be affected.
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
WordPress Plugin White Label CMS PHP Object Injection (2.4)
WordPress Plugin Popup by Supsystic Cross-Site Scripting (1.10.4)
WordPress Plugin UnGallery Local File Disclosure (1.5.8)
WordPress Plugin IP Logger Arbitrary File Upload (3.1)
WordPress Plugin Onclick show popup Cross-Site Scripting (6.5)