Description
WordPress Plugin Posts in Page is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Posts in Page version 1.2.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.0 or latest
References
Related Vulnerabilities
WordPress Plugin FireStats 'firestats-wordpress.php' Remote File Include (1.6.1)
Apache HTTP Server Other Vulnerability (CVE-1999-0926)
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)
Serendipity Other Vulnerability (CVE-2005-1448)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (6.8.1)