Description
WordPress Plugin SEO Tools is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin SEO Tools version 3.1.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.1.8 or latest
References
Related Vulnerabilities
WordPress 4.1.x Prototype Pollution (4.1 - 4.1.34)
Oracle Database Server CVE-2009-1021 Vulnerability (CVE-2009-1021)
Oracle Database Server CVE-2015-4857 Vulnerability (CVE-2015-4857)
WordPress 4.9.x PHP Object Injection (4.9 - 4.9.17)
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Arbitrary File Upload (1.3.5.4)