Description
WordPress Plugin MyPixs is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin MyPixs version 0.3 is vulnerable; prior versions are also affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin BulletProof Security Cross-Site Scripting (.47)
WordPress Plugin Video Comments Webcam Recorder Cross-Site Scripting (1.55)
WordPress Plugin Ultimate Affiliate Pro Multiple Cross-Site Scripting Vulnerabilities (3.6)
WordPress Plugin Genesis Simple Share Cross-Site Scripting (1.0.6)
WordPress Plugin Arigato Autoresponder and Newsletter Multiple Vulnerabilities (2.5.1.6)