Description
WordPress Plugin SEO Tools is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin SEO Tools version 3.1.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.1.8 or latest
References
Related Vulnerabilities
WordPress Plugin Church Admin 'id' Parameter Cross-Site Scripting (0.33.4.5)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7572)
WordPress Plugin Download Zip Attachments Arbitrary File Download (1.0.0)
WordPress 6.0.x Shortcode Execution (6.0 - 6.0.4)
WordPress Plugin Advanced Custom Fields PRO PHP Object Injection (6.0.7)