Description
WordPress Plugin MyPixs is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin MyPixs version 0.3 is vulnerable; prior versions are also affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Breadcrumb NavXT Information Disclosure (6.1.0)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (3.8.6)
ownCloud Improper Access Control Vulnerability (CVE-2016-9467)
e107 Other Vulnerability (CVE-2004-2040)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17827)