Description
WordPress Plugin Posts in Page is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Posts in Page version 1.2.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.0 or latest
References
Related Vulnerabilities
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1432)
WordPress Plugin Slider by 10Web-Responsive Image Slider Unspecified Vulnerability (1.1.9)
Internet Information Services Other Vulnerability (CVE-2002-1694)