Description
The WordPress plugin Slider Revolution was vulnerable to an arbitrary file disclosure vulnerability that allows an attacker to download any file from the server. This vulnerability is/was actively exploited in the wild.
Remediation
Upgrade to the latest version of the plugin.
References
Related Vulnerabilities
WordPress Plugin Super Refer A Friend Information Disclosure (1.0)
Drupal Core 5.x Local File Inclusion (5.0 - 5.15)
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1829)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32477)