Description
WordPress Plugin WP Payeezy Pay is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Payeezy Pay version 2.97 is vulnerable; prior versions are also affected.
Remediation
Update to plugin version 2.98 or latest
References
Related Vulnerabilities
WordPress Plugin WP-Polls Cross-Site Scripting (2.73)
WordPress Plugin Snazzy Maps Cross-Site Request Forgery (1.1.5)
e107 Other Vulnerability (CVE-2004-2042)
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143)
WordPress Plugin WordPress Download Manager Unspecified Vulnerability (3.1.18)