Description
PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information via a LANGCODE parameter that does not exist, which reveals the path in an error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Content Copy Protection & No Right Click Security Bypass (3.1.4)
WordPress Plugin Social Sticky Animated Backdoor (1.0)
WordPress Plugin SecureMoz Security Audit PHP Object Injection (1.0.5)
Oracle JRE CVE-2017-10348 Vulnerability (CVE-2017-10348)
WordPress Plugin SP Project & Document Manager Cross-Site Scripting (4.25)