Description
WordPress Plugin MP3-jPlayer is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin MP3-jPlayer version 2.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.3 or latest
References
http://www.vapidlabs.com/advisory.php?v=149
https://packetstormsecurity.com/files/132984/WordPress-MP3-jPlayer-2.3.2-Path-Disclosure.html
Related Vulnerabilities
WordPress Plugin WooCommerce Potential PHP Object Injection (3.4.4)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-11145)
PHP Numeric Errors Vulnerability (CVE-2010-4645)
WordPress Plugin iThemes Security (formerly Better WP Security) Unspecified Vulnerability (6.9.0)