Description
WordPress Plugin WP PHP widget is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin WP PHP widget version 1.0.2 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that errors containing sensitive information aren't displayed to the end user or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Translate WordPress with GTranslate Cross-Site Scripting (2.8.51)
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (1.10-standard)
WordPress Plugin Navis DocumentCloud Cross-Site Scripting (0.1)
WordPress Plugin Collapse-O-Matic Cross-Site Scripting (1.8.2)
WordPress Plugin Spider Calendar Cross-Site Scripting (1.1.0)