Description
WordPress Plugin MP3-jPlayer is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin MP3-jPlayer version 2.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.3 or latest
References
http://www.vapidlabs.com/advisory.php?v=149
https://packetstormsecurity.com/files/132984/WordPress-MP3-jPlayer-2.3.2-Path-Disclosure.html
Related Vulnerabilities
MediaWiki Unquoted Search Path or Element Vulnerability (CVE-2021-31553)
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.6)
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3862)
MySQL CVE-2020-14591 Vulnerability (CVE-2020-14591)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33333)