Description
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages version 1.4.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.4 or latest
References
Related Vulnerabilities
WordPress Configuration Vulnerability (CVE-2013-2205)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-1433)
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (4.6.0)