Description
WordPress Plugin YARPP-Yet Another Related Posts is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin YARPP-Yet Another Related Posts version 5.30.3 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Rencontre-Dating Site Security Bypass (1.6.9)
WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (4.0.3)
WordPress Plugin Contest Gallery-Photo Contest for WordPress SQL Injection (13.1.0.5)
WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)
WordPress Plugin Modern Events Calendar Lite Multiple Vulnerabilities (5.16.2)