Description
WordPress Plugin YARPP-Yet Another Related Posts is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin YARPP-Yet Another Related Posts version 5.30.3 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
MySQL CVE-2021-35628 Vulnerability (CVE-2021-35628)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6635)
WebLogic CVE-2020-2550 Vulnerability (CVE-2020-2550)
MySQL CVE-2015-4830 Vulnerability (CVE-2015-4830)
Plone CMS Improper Input Validation Vulnerability (CVE-2013-4192)