Description
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages version 1.4.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.4 or latest
References
Related Vulnerabilities
WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability (1.0 - 2.6)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31552)
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9041)
WordPress Plugin WP Google Fonts Cross-Site Scripting (3.1.3)