Description
WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages version 1.4.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.4 or latest
References
Related Vulnerabilities
MySQL CVE-2022-21425 Vulnerability (CVE-2022-21425)
WordPress Plugin WordPress Facebook Multiple Cross-Site Scripting Vulnerabilities (1.0.10)
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-9066)
Magento CVE-2019-8144 Vulnerability (CVE-2019-8144)
WordPress Plugin Dean's Permalinks Migration Cross-Site Request Forgery (1.0)