Description
WordPress Plugin MP3-jPlayer is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin MP3-jPlayer version 2.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.3 or latest
References
http://www.vapidlabs.com/advisory.php?v=149
https://packetstormsecurity.com/files/132984/WordPress-MP3-jPlayer-2.3.2-Path-Disclosure.html
Related Vulnerabilities
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5093)
Joomla! Core 3.0.x Security Bypass (3.0.0 - 3.0.3)
WordPress Plugin Quizlord Cross-Site Scripting (2.0)
WebLogic Incorrect Authorization Vulnerability (CVE-2018-1258)
Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2022-48565)