Description
WordPress Plugin Service Finder-Provider and Business Listing is prone to a local file disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability could allow an attacker to obtain potentially sensitive information from local files on computers running the vulnerable application; this may aid in further attacks. WordPress Plugin Service Finder-Provider and Business Listing version 3.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.2 or latest
References
Related Vulnerabilities
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8213)
Joomla CVE-2009-3945 Vulnerability (CVE-2009-3945)
Jenkins Improper Handling of Inconsistent Structural Elements Vulnerability (CVE-2021-21640)
Oracle Application Server Other Vulnerability (CVE-2004-1365)