Description
WordPress Plugin True Ranker is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin True Ranker version 2.2.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.2.4 or latest
References
Related Vulnerabilities
WordPress Plugin WP Editor Arbitrary File Upload (1.2.5.3)
WordPress Plugin Calculated Fields Form Multiple SQL Injection Vulnerabilities (1.0.10)
WordPress Plugin Simple:Press Security Bypass and Arbitrary File Upload Vulnerabilities (4.1.2)
WordPress Plugin CMS Tree Page View 'cms_tpv_view' Parameter Cross-Site Scripting (0.8.8)