Description
WordPress Plugin BookX is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin BookX version 1.7 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
MySQL Other Vulnerability (CVE-2003-0073)
MySQL CVE-2012-0117 Vulnerability (CVE-2012-0117)
Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21696 )
WordPress Plugin Child Theme Creator by Orbisius Arbitrary File Modification (1.2.6)
WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.3.20)