Description
WordPress Plugin Ruben Boelinger wordTube is prone to multiple remote file include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Ruben Boelinger wordTube version 1.43 is vulnerable; other versions may also be affected.
Remediation
Update to plugin version 1.44 or latest
References
http://www.securityfocus.com/bid/23737/exploit
http://www.securityfocus.com/archive/1/467362
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2013-7327)
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (0.5.26)
Oracle JRE CVE-2022-21341 Vulnerability (CVE-2022-21341)
WordPress Plugin WP Fast Cache Multiple Vulnerabilities (1.4)
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-31050)