Description
WordPress Plugin SG Optimizer is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin SG Optimizer version 5.0.12 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.0.13 or latest
References
https://blog.sucuri.net/2019/03/vulnerability-disclosure-siteground-optimizer-caldera-forms.html
https://plugins.svn.wordpress.org/sg-cachepress/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Post to Social Media-WordPress to Hootsuite Cross-Site Scripting (1.3.8)
MySQL CVE-2020-14663 Vulnerability (CVE-2020-14663)
PHP Numeric Errors Vulnerability (CVE-2010-4409)
MySQL CVE-2018-2640 Vulnerability (CVE-2018-2640)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5204)