Description
WordPress Plugin WP CSS is prone to a local file disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on computers running the vulnerable application; this may aid in further attacks. WordPress Plugin WP CSS version 2.0.5 is vulnerable; other versions may also be affected.
Remediation
Edit the source code to ensure that input is properly sanitised or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin BackWPup Unspecified Vulnerability (3.3)
WordPress Plugin Advanced Access Manager Multiple Vulnerabilities (6.6.1)
WordPress Plugin Aspose PDF Exporter Arbitrary File Download (1.0)
WordPress Plugin Image Gallery-Responsive Photo Gallery Cross-Site Scripting (1.5.1)
WordPress Plugin Avenir-soft Direct Download Multiple Vulnerabilities (1.0)