Description
WordPress Plugin YARPP-Yet Another Related Posts is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin YARPP-Yet Another Related Posts version 5.30.3 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.4)
WordPress 4.1.x Same Origin Method Execution (SOME) Vulnerability (4.1 - 4.1.10)
WordPress Other Vulnerability (CVE-2007-0540)
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Disclosure (3.7)
WordPress Plugin MSMC-Redirect After Comment Multiple Vulnerabilities (2.1.2)