Description
WordPress Plugin MP3-jPlayer is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin MP3-jPlayer version 2.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.3 or latest
References
http://www.vapidlabs.com/advisory.php?v=149
https://packetstormsecurity.com/files/132984/WordPress-MP3-jPlayer-2.3.2-Path-Disclosure.html
Related Vulnerabilities
WordPress Plugin Spreadsheet (wpSS) Cross-Site Scripting (0.62)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.13)
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.4.4)
WordPress Plugin Share on Diaspora Cross-Site Scripting (0.7.1)
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2008-4019)