Description
WordPress Plugin Really Simple Guest Post is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Really Simple Guest Post version 1.0.6 is vulnerable; prior versions are also affected.
Remediation
Update to plugin version 1.0.7 or latest
References
Related Vulnerabilities
WordPress Plugin WP125 Multiple Cross-Site Scripting Vulnerabilities (1.4.4)
WordPress Plugin RSVP and Event Management Cross-Site Scripting (2.3.7)
WordPress Plugin Cherry Multiple Vulnerabilities (1.2.6)
WordPress Plugin S3 Video Cross-Site Scripting (0.982)
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.24)