Description
WordPress Plugin Light Post is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Light Post version 1.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.5 or latest
References
Related Vulnerabilities
Grafana Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-10452)
Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)
WordPress Plugin Payment Form for PayPal Pro Multiple Cross-Site Scripting Vulnerabilities (1.0.1)
Internet Information Services CVE-2006-6578 Vulnerability (CVE-2006-6578)
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-8740)