Description
WordPress Plugin WP Post Popup is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Post Popup version 2.1.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.2 or latest
References
Related Vulnerabilities
MySQL CVE-2015-0439 Vulnerability (CVE-2015-0439)
WordPress Plugin Ultimate FAQ Security Bypass (1.8.24)
WordPress Plugin Bookly #1 WordPress Booking Plugin (Lite Version) Cross-Site Scripting (14.4)
WordPress Plugin To Top Security Bypass (2.2.2)
WordPress Plugin WordPress Alipay/Tenpay/PayPal SQL Injection (3.7.2)