Description
WordPress Plugin cloudsafe365_for_WP is prone to a file disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view local files in the context of the web server process; this may aid in launching further attacks. WordPress Plugin cloudsafe365_for_WP version 1.46 is vulnerable.
Remediation
Update to plugin version 1.47 or latest
References
http://www.securityfocus.com/bid/55241/exploit
http://packetstormsecurity.com/files/115972/WordPress-Cloudsafe365-Local-File-Inclusion.html
Related Vulnerabilities
WordPress Plugin Plugmatter Optin Feature Box Multiple SQL Injection Vulnerabilities (2.0.13)
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2019-20406)
WordPress Plugin Websimon Tables Cross-Site Scripting (1.3.4)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4900)