WordPress Browser Rejector Plugin Remote File Inclusion Vulnerability

Summary
This host is installed with WordPress Browser Rejector Plugin and is prone to remote file inclusion vulnerability.
Impact
Successful exploitation will allow attackers to perform directory traversal attacks and read arbitrary files on the affected application. Impact Level: Application
Solution
Upgrade to the WordPress Browser Rejector Plugin 2.11 or later, For updates refer to http://wordpress.org/extend/plugins/browser-rejector/
Insight
The flaw is due to an improper validation of user supplied input to the 'wppath' parameter in 'wp-content/plugins/browser-rejector/rejectr.js.php', which allows attackers to read arbitrary files via a ../(dot dot) sequences.
Affected
Browser Rejector Plugin version 2.10 and prior
References